Chapter 5 Events: Logs, Traffic Streams, Reports
Table
Column | Description |
|
|
|
|
Bytes | For Session End events, this field contains the number of bytes transferred |
| during each session. For web request events, this field indicates the number of |
| bytes downloaded from the HTTP GET. |
|
|
Message | Message text associated with the firewall session event: |
| Web request — no message |
| Session start — Regular session start, Secondary session |
| start |
| Session end — Session ended because of inactivity, Session |
| ended because of inactivity |
VPN Log
The VPN log captures diagnostic messages relating to VPN tunnels to help troubleshoot and monitor VPN configurations. Each log entry is
To maintain a complete history of entries and provide a backup, you can configure the X family device to send VPN Log entries to a syslog server from the Syslog Servers page. For details, see “Syslog Servers” on page 242.
A VPN log entry contains the following fields:
Table
Column | Description |
|
|
|
|
Log ID | A |
|
|
Log Entry | A date and time stamp in the format |
Time |
|
|
|
Severity | The severity of the event, which is INFO. |
|
|
Src IP:Port | Source address — the IP address and port for the event. This is a string and the |
| value may be |
| itself. |
|
|
Dest IP:Port | Destination IP address and port for the event |
|
|
Message | |
|
|
Configuration
The logging level for the VPN log can be configured to provide more/less detailed information by configuring the Enable Verbose messages in the VPN Log option available on the IPSec Configuration page in the LSM application.
104X Family LSM User’s Guide V 2.5.1