Chapter 9. Logging

You can choose between different file formats; TAB-separated file, comma-separated file and WELF (WebTrends Enhanced Log Format). These are text formats, which means that you can import the files in a text editor for analysis. TAB- and comma-separated files contain all information from the log file. WELF is an open standard used by several log analyzer tools. However, all WELF compatible syslog messages will not be exported.

WELF uses the Telecommuting Module name you enter on the Basic Configuration page. Some WELF applications have licenses restricted to a certain number of Telecommuting Modules. This can cause trouble if you change the name of your Telecommuting Module.

If you export a log to WELF with Show newest at top selected, this may become troublesome when using some WELF applications, which cannot handle events in reverse order.

Press Export log and enter the file name and path to export to file.

Clear form

Resets the form.

The log

The log shows every packet and event on a separate row.

The rows displaying IP packets show the date and time, type of protocol, from interface, computer and port, to interface, computer and port, ICMP type for ICMP traffic, flags, whether the packet was accepted, rejected or discarded, and the reason for this. For TCP traffic, and for UDP traffic which is session managed, only the connection packet is dis- played. SIP media streams are not logged.

The Telecommuting Module’s own IP address is displayed in the log with a purple background color. Rejected and discarded packets are displayed with a yellowish background.

The following flags are used:

144