Device Management
Log Managem ent
Cisco ISA500 Series Integrated Security Appliances Administration Guide 442
10
STEP 5 Check the box of Click here if you accept with SEULA to acc ept the SEULA
(Software End User License Agreement) requirements. You can click the SEULA
link to see the detailed SEULA requirements on Cisco.com.
STEP 6 Click Validate License to validate the security license on your security appliance.
After the license is installed or renewed, the expiration date of the security license
is updated immediately. The security services are activated by the security
license.
Log ManagementYou can configure logs for various events that occur on your network. The event
logs can be used for tracking potential security threats. A variety of events can be
captured and logged for review. These logs can be saved to the local syslog
daemon or to a specified remote syslog server, or be emailed to a specified email
address.
This section describes how to view the event logs, and configure the log settings
and the log facilities. Refer to the following topics:
•Viewing Logs, page 442
•Configuring Log Settings, page 444
•Configuring Log Facilities, page 447
Viewing Logs
Use the View Logs page to view the logs for specific severity level, log facility, or
source and/or destination IP address, or to search the logs by keyword.
NOTE Make sure that you enable the Local Log feature before you view the logs. See
Configuring Log Settings, page 444.
STEP 1 Click Device Man agement > Logs > View Logs.
STEP 2 Specify the logs to be viewed:
•Log Severity: Choose the severity level to filter the logs. For example: If you
select Critical, all logs listed under the Critical, Emergency, and Alert
categories are displayed.