Device Management
Log Managem ent
Cisco ISA500 Series Integrated Security Appliances Administration Guide 443
10
•Log Facility: Choose the facility to filter the logs. All logs that belong to the
selected facility and match the specified severity settings are displayed.
•Keyword: Enter the keyword to search the logs. All logs that contain the
specified keyword are displayed.
•Source IP Address: Enter the source IP address to filter the firewall logs. All
firewall logs that match this source IP address are displayed.
•Destination IP Address: Enter the destination IP address to filter the firewall
logs. All firewall logs that match this destination IP address are displayed.
STEP 3 Click Query.
The query outputs appear in the Logs table. The following information is
displayed.
•Date: The date of the event.
•Severity: The severity level of the event.
•Facility : The type of facility for the log.
•Log Data: A brief description for the event.
•Source IP Address: The source IP address for the firewall event.
•Destination IP Address: The source IP address for the firewall event.
STEP 4 You can optionally perform the following actions:
• Sort the log entries. The logs can be sorted by clicking the column header.
By default, the logs are sorted by date and time in descending sequence. For
example, if you click Severity, the logs are sor ted by the severity level in
ascending sequence. Double click Severity, the logs are sorted by the
severity level in descendin g sequence.
• Navigate the log entries. When viewing large numbers of logs, you can
specify how many logs are displayed in the table per page, or you can
navigate these logs by using the navigation buttons if one page cannot show
all logs.
•Click Clear to clean up all logs that are saved in the local syslog daemon.
•Click Refresh to refresh the log data.
•Click Export to export the logs to a defined destination for debugging
purposes.