ESET Online Help

Search English
Select the category
Select the topic

Network

Return information about network events

Property

Type

Description

Example

DestinationIpAddressV4

ipv4 address

The ipv4 destination address of Firewall detection. Supports masks.

192.168.0.1, supports masks - 192.168.0.0/16

DestinationIpAddressV6

ipv6 address

The ipv6 destination address of Firewall detection. Supports masks.

2001:db8:85a3:8d3:1319:8a2e:370:0, supports masks - 2001:db8:85a3:8d3:1319:8a2e:370:0/112

Hostname

String

The target hostname

www.google.com

Inbound

Bool

The connection is inbound

true/false

IpAddressV4

ipv4 address

The ipv4 address target of the event. Supports masks.

192.168.0.1, supports masks - 192.168.0.0/16

IpAddressV6

ipv6 address

The ipv6 address target of the event. Supports masks.

2001:db8:85a3:8d3:1319:8a2e:370:0, supports masks - 2001:db8:85a3:8d3:1319:8a2e:370:0/112

Port

Int

The TCP/UDP target port

8080

Protocol

String

The protocol used by the connection

HTTP, HTTPS, etc.

SourceIpAddressV4

ipv4 address

The ipv4 source address of Firewall detection. Supports masks.

192.168.0.1, supports masks - 192.168.0.0/16

SourceIpAddressV6

ipv6 address

The ipv6 source address of Firewall detection. Supports masks.

2001:db8:85a3:8d3:1319:8a2e:370:0, supports masks - 2001:db8:85a3:8d3:1319:8a2e:370:0/112

Url

String

If the request involved a URL (i.e., HTTP request)

The target URL

 

Example:

<definition>

 <operations>

         <operation type="TcpIpConnect">

                 <operator type="or">

                         <condition component="Network" property="IpAddressV4" condition="is" value="10.0.0.0/8" />

                         <condition component="Network" property="IpAddressV4" condition="is" value="172.16.0.0/12" />

                         <condition component="Network" property="IpAddressV4" condition="is" value="192.168.0.0/16" />

                         <condition component="Network" property="IpAddressV4" condition="is" value="127.0.0.0/8" />

                         <condition component="Network" property="IpAddressV6" condition="is" value="::1/128" />

                         <condition component="Network" property="IpAddressV6" condition="is" value="fc00::/7" />

                 </operator>

         </operation>

 </operations>

</definition>

 

Supported Operations and their components:

 

Network

Detection

X

HttpRequest

X

TcpIpAccept

X

TcpIpConnect

X

TcpIpProtocolIdentified

X