Experience Center
Tunnel Insights Logs: Columns
You can customize your tunnel logs using the columns. To learn more about logs, see About Insights Logs.
You can select the following Tunnel Insights Log columns to view:
- Authentication Algorithm: The authentication algorithm used for IPSec Phase 1 and Phase 2.
- Authentication Type: The method IPSec peers use to authenticate each other.
- Bytes Received: The total bytes of data Zscaler received through the tunnel from the organization in the one-minute sample interval.
- Bytes Sent: The total bytes of data Zscaler sent through the tunnel to the organization in the one-minute sample interval.
- Cipher: The ciphers used for the control and data channel of the tunnel.
- Cipher Protocol:The protocol that is used by the tunnel (i.e., TLS or DTLS).
- Cloud Connector Instance: The specific Zscaler software instance from which you want to view the DNS logs.
- Data Center: The data center associated with the tunnel.
- Encryption Algorithm: The encryption algorithm used to encrypt handshakes (IPSec Phase 1) and data (IPSec Phase 2).
- Event Reason: The reason that the status change occurred for a tunnel.
- Event Time: The date and time the event occurred.
- IKE Phase 2 SPI: The Security Parameter Index (SPI) for the IKE SA established in Phase 2.
- Initiator Cookie: The initiator's cookie value used during the IPSec IKE Phase 1 message exchange.
- IPSec Protocol: Protocols used in establishing the IPSec VPN tunnel.
- Keep Alive Packets: The Keep-Alive packet ensures that the SSL VPN connection remains open even when the device is inactive.
- Life Bytes: The total number of life bytes that is transmitted over an IPSec SA before it expires.
- Location: The location associated with the tunnel.
- Log Time: The date and time the event was logged.
- Log Type: The type of tunnel logs.
- No.: The item number.
- P2 Policy Dest IP - End: The end destination IP address specified in the IPSec Phase 2 policy proposal.
- P2 Policy Dest IP - Start: The start destination IP address specified in the IPSec Phase 2 policy proposal.
- P2 Policy Dest Port - End: The end destination port number specified in the IPSec Phase 2 policy proposal.
- P2 Policy Protocol: The protocol specified in the IPSec Phase 2 policy proposal.
- P2 Policy Src IP - End: The end source IP address specified in the IPSec Phase 2 policy proposal.
- P2 Policy Src IP - Start: The start source IP address specified in the IPSec Phase 2 policy proposal.
- P2 Policy Src Port - Start: The start source port number specified in the IPSec Phase 2 policy proposal.
- Packets Received: The total number of packets Zscaler received through the tunnel from the organization in the one-minute sample interval.
- Packets Sent: The total number of packets Zscaler sent through the tunnel to the organization in the one-minute sample interval.
- Policy Direction: The direction in which the IPSec Phase 2 policies (allowed subnets/ports/protocols) are proposed. The following directions appear under this column:
- Inbound: From the organization's IPSec gateway to Zscaler.
- Outbound: From Zscaler to the organization's IPSec gateway.
- Responder Cookie: The responder's cookie value used during the IPSec IKE Phase 1 message exchange.
- Session ID: A cryptographically generated random number that is unique per tunnel.
- Source Port: The port number of the tunnel from which the tunnel is initiated.
- Tunnel Destination IP: The destination IP address that the tunnel is destined to.
- Tunnel Lifetime: The time after an IKE expires for the IPSec VPN tunnel.
- Tunnel Source IP: The source IP address from which the tunnel is initiated.
- Tunnel Status: The status of the tunnel.
- Tunnel Type: The type of networking tunnel.
- Vendor ID: The vendor associated with the tunnel.