Logs
Log Maintenance
The X family device maintains two files for each log: a historical log file and a current log file. When the current log file reaches the default size (4MB), the log is
You can reset a log from its menu page, or use the Reset function available on the System Summary page.
For details, refer to the following sections:
• “Firewall Block Log” on page 102
• “Firewall Session Log” on page 103
• “Configuring Remote System Logs” on page 105
Alert Log
The Alert log contains information about network traffic that triggers IPS filters configured with a Permit + Notify or Permit+Notify+Trace action set. Any user can view the log, but only administrator and
To maintain a complete history of entries and provide a backup, you can configure the X family device to send Alert Log entries to a remote syslog server from the Notification Contacts page. For details, see “Notification Contacts” on page 52.
An Alert log entry contains the following fields:
Table
Column | Description |
Log ID | A |
Date/Time | A date and time stamp in the format |
Severity | Indicates the severity of the triggered filter. Possible values include: Critical, Major, Minor, and Low |
Filter Name | The name of the IPS filter that was triggered |
Protocol | The name of the protocol that the action affects |
Security Zone (pair) | The Security Zone pair where the alert occurred (LAN |
X Family LSM User’s Guide V 2.5.1 | 99 |