Technical Tip: ICMP specific format for UTM logs
Description
This article explains why the UTM logs for ICMP traffic contain source and destination port numbers.
Solution
For ICMP UTM logs, the "dstport" field is used to display the ICMP code, and "srcport" is showing the sequence number from the ICMP payload.
More information regarding Internet Control Message Protocol and a description of the ICMP parameters can be found at external sites such as:
https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml
and
https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol
More information regarding Internet Control Message Protocol and a description of the ICMP parameters can be found at external sites such as:
https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml
and
https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol