Logs

System Log

The System Log contains information about the software processes that control the X family device, including startup routines, run levels, and maintenance routines. System log entries can provide useful troubleshooting information if you encounter problems with the device.

To maintain a complete history of entries and provide a backup, you can configure the device to send System Log entries to a syslog server from the Syslog Servers page.For details, see “Syslog Servers” on page 242.

Note Users with any access level can view and print the system log, but only Administrator and Super-user level users can reset this log.

For information on Adaptive Filter messages, see “Adaptive Filter Configuration” on page 60.

System Log entries are only sent to the syslog server after the device has fully booted. During the boot sequence, entries cannot be sent because network ports are not yet enabled. When the boot sequence completes, the device sends a startup message to the syslog server.

A System log entry contains the following fields:

Table 5–7: System Log Field Descriptions

Column

Description

 

 

 

 

Log ID

A system-assigned Log ID number

 

 

Log Entry

A date and time stamp in the format year-month-date hour:minute:second

Time

 

 

 

Severity Level

The severity level of a message indicates whether the log entry is simply

 

informational (INFO) or whether it indicates an error condition (ERR or CRIT)

 

 

Component

The component is an abbreviation that indicates which software component sent

 

the message to the log

 

 

Message

The message is the text of the log entry

 

 

Configuring Remote System Logs

All information logged by the LSM can be offloaded to a remote syslog server. Options to configure logging behavior for traffic-related events are available from the Edit Action Sets page (IPS > Action Sets > Edit) and the Edit Firewall Rule page. In order to use remote logging options, you must configure the contact information for the remote syslog servers.

For details on configuring the Remote System Log contact for the Alert, IPS Block, and Firewall Block log messages, see “Configure the Remote System Log Contact” on page 54.

X Family LSM User’s Guide V 2.5.1

105