1 Reply Latest reply on Aug 17, 2017 5:43 PM by sssyyy

    Determine action of SonicWALL logs


      Can anyone help me to understand why we get fw_action="NA" in SonicWALL syslogs? I have TZ 600 and more than 70% Syslog messages have fw_action="NA". So I am unable to determine action on that traffic whether its allowed/denied?


      Sample log:


      id=firewall sn=XXXXX time="2017-08-17 13:33:40 UTC" fw=X.X.X.X pri=6 c=1024 m=97 app=9 n=1393310 src= dst= srcMac=X.X.X.X dstMac=X.X.X.X proto=tcp/http op=1 sent=675 rcvd=7419 dstname=cb.iphantom.com arg=/block/restricted.html?fn=Default&fp=1&ip= 0&re=1&bu=dsum.casalemedia.com/rum&bc code=15 Category="Business and Economy" rule="3 (LAN->WAN)" fw_action="NA"