144 | Chapter 8 - IntraGuard Firewall Configuration |
|
|
The event log messages will appear in the log buffer (or wherever log messages are being sent), only if the global log level is at the same level or a lower level of importance. This allows you to closely monitor certain events while excluding events you do not wish to closely monitor from the log.
Logging parameters for the device, including the global log level, are set in the Logging Configuration Dialog Box, which can be accessed by selecting Logging from the Device View.
Using the default configuration as an example, if you wish to see log messages for TCP Resets, which have a default setting of Notice, you would need to set the Log Level in the Logging Configuration Dialog Box to Notice, Info or Debug. Any other setting would mean that TCP Resets would not appear in the log.
Rejects
Rejects messages are created by the firewall whenever an IP packet is rejected for any reason. The default is Info.
TCP EST Reject
TCP EST Reject messages are created by the firewall whenever an estab- lished TCP session is rejected. These messages are also created when a TCP session for which the firewall has not seen the SYN flag is established. The default is Error.
Sessions
Sessions messages are created by the firewall whenever an IP session is estab- lished. The default is Error.
TearDown
TearDown messages are created by the firewall whenever an IP session is torn down. The default is Warning.
IP Timeouts
IP Timeouts messages are created by the firewall whenever a
TCP Timeouts
TCP Timeouts messages are created by the firewall whenever a TCP session is timed out due to inactivity. The default is Alert.
TCP Resets
TCP Resets messages are created by the firewall whenever a TCP session is reset. The default is Notice.