Figure 114 Configure a log host

The port number should be in accordance with the management port number set in Firewall Manager, which can be seen in System Management > System Config > Management Ports

Figure 115 Management Ports

2.Configure User Log

Flow logging records users’ access information to the external network. The device classifies and calculates flows through the 5-tuple information, which includes source IP address, destination IP address, source port, destination port, and protocol number, and generates user flow logs.

Flow logs can be output in the following two formats, and you can select either one.

Output to the specified userlog log host in UDP packets in binary format.

Output to the information center of the device in the format of syslog, and it can be displayed as other syslogs in Log Report > Report and can be sent to a syslog server too.

In this example, we choose to send flow log to a log host.

Select Log Report > Userlog from the navigation tree to enter the page as below. Configure the Firewall Manager host ip address as the log host ip address and port number 30017.

104