|
|
|
|
|
scTag |
32769 |
4 |
|
scTrafficProcessorId |
32770 |
1 |
|
scSourceIpSample |
32771 |
1 |
|
scDestinationIpSample |
32772 |
1 |
|
scFlowContextId |
32773 |
4 |
|
scSubscriberId |
32774 |
64 |
The subscriber identification string, introduced through the subscriber management interfaces. For an unknown subscriber this field may contain an empty string. The string is padded with zeros. |
scPackageId |
32775 |
4 |
The ID of the service configuration package/profile assigned to the subscriber. |
scServiceId |
32776 |
4 |
The service classification of the reported session. |
scProtocolId |
32777 |
2 |
The unique ID of the protocol associated with the reported session. The PROTOCOL_ID will be the Generic IP / Generic TCP / Generic UDP protocol ID value, according to the specific transport protocol of the transaction, unless a more specific protocol definition (such as a signature-based or a port-based protocol) that matches the reported session is assigned to a service. |
scSkipppedSessions |
32778 |
4 |
The number of unreported sessions since the previous reporting record of this kind. |
scInitiatingSide |
32779 |
1 |
The initiating side of the transaction: • 0—Subscriber side •1—Network side |
scReportTime |
32780 |
4 |
Ending time stamp of this reporting record. The field is in UNIX time_t format, which is the number of seconds since midnight of 1 January 1970. |
scTransactionDurationMillisec |
32781 |
4 |
Duration, in milliseconds, of the transaction reported in this reporting record. |
scTimeFrame |
32782 |
1 |
Which of the four possible time frames was used for the period during which the reporting record was generated. The field takes a value in the range 0 to 3. |
scSessionUpstreamVolume |
32783 |
4 |
Upstream volume of the transaction, in bytes. The volume refers to the aggregated upstream volume on both links of all the flows bundled in the transaction. |
scSessionDownstreamVolume |
32784 |
4 |
Downstream volume of the transaction, in bytes. The volume refers to the aggregated downstream volume on both links of all the flows bundled in the transaction. |
scProtocolSignature |
32785 |
4 |
The ID of the protocol signature associated with this session |
scZoneId |
32786 |
4 |
The ID of the zone associated with this session |
scFlavorId |
32787 |
4 |
For protocol signatures that have flavors, this field contains the ID of the flavor associated with this session. |
scFlowCloseMode |
32788 |
1 |
The reason for the end of the flow. |
scAccessString |
32789 |
128, 256, 512, 1024 |
A Layer 7 property, extracted from the transaction. |
scInfoString |
32790 |
128, 256, 512, 1024 |
A Layer 7 property, extracted from the transaction. |
scClientPort |
32791 |
2 |
|
scServerPort |
32792 |
2 |
|
scSubscriberCounterId |
32793 |
2 |
|
scServiceUsageCounterId |
32794 |
2 |
|
scBreachState |
32795 |
1 |
Indicates whether the subscriber's quota was breached: •0—The quota was not breached •1—The quota was breached |
scReason |
32796 |
1 |
The reason that the reporting record was generated: •0—Periodic record •1—Subscriber logout •2—Package switch •3—Wraparound •4—End of aggregation period |
scConfiguredDuration |
32797 |
4 |
Configured period, in seconds, between successive reporting records. |
scDuration |
32798 |
4 |
The number of seconds that have passed since the previous reporting record of this type. |
scEndTime |
32799 |
4 |
Ending time stamp of this reporting record. The field is in UNIX time_t format, which is the number of seconds since midnight of 1 January 1970 |
scUpstreamVolume |
32800 |
4 |
Aggregated upstream volume on both links of all sessions, in kilobytes, for the current reporting period. |
scDownstreamVolume |
32801 |
4 |
Aggregated downstream volume on both links of all sessions, in kilobytes, for the current reporting period. |
scSessions |
32802 |
4 |
Aggregated number of sessions for the reported service, for the current reporting period. |
scSeconds |
32803 |
4 |
Aggregated number of session seconds for the reported service, for the current reporting period. |
scPackageCounterId |
32804 |
2 |
Each package is mapped to a counter. There are 64 package usage counters. |
scGeneratorId |
32805 |
1 |
A numeric value identifying the processor generating the reporting record. |
scServiceGlobalCounterId |
32806 |
2 |
Each service is mapped to a counter. There 64 global usage counters |
scConcurrentSessions |
32807 |
4 |
Concurrent number of sessions using the reported service when this reporting record was generated. |
scActiveSubscribers |
32808 |
4 |
Concurrent number of subscribers using the reported service when this reporting record was generated. |
scTotalActiveSubscribers |
32809 |
4 |
Concurrent number of subscribers in the system when this reporting record was generated. |
scLinkId |
32810 |
1 |
A numeric value associated with the reported network link: •0—Physical link 1 •1—Physical link 2 |
| |
32811-32818 |
|
Reserved |
scAttackId |
32819 |
4 |
Unique attack ID. |
scAttackIp |
32820 |
4 |
The IP address related to this attack. |
scAttackOtherIp |
32821 |
4 |
The other IP address related to this attack if it exists, -1 otherwise. |
scAttackPortNumber |
32822 |
2 |
The port number related to this attack if one exists (if this is an IP scan, for example), -1 otherwise. |
scAttackType |
32823 |
4 |
Who scAttackIp belongs to: •0—Attacked •1—Attacker |
scAttackSide |
32824 |
1 |
The IP address side: •0—Subscriber •1—Network |
scAttackIpProtocol |
32825 |
1 |
The IP protocol type: •0—Other •1—ICMP •6—TCP •17—UDP |
scAttacks |
32826 |
1 |
The number of attacks in the current reporting period. Since attack reports are generated per attack, the value is 0 or 1. |
scAttackMaliciousSessions |
32827 |
4 |
Aggregated number of sessions for the reported attack, for the current reporting period. If the SCE platform blocks the attack, this field takes the value -1. |
Feedback