Appendix C Log Formats and System Messages
Log Formats
In the LSM, you can view all the logs in the GUI. In addition, you can download a
In the System Log, the fields displayed in the GUI are the same as the fields in the downloaded log. In the other five logs, the fields that are shown in the GUI are only a subset of what is available in the downloaded log file.
This section documents the fields that are in the downloaded versions of these logs. These field definitions are helpful when reading the downloaded log file. They contain the description of the data so that you can format the desired fields in a reporting program such as Excel or Access, or send it to a remote syslog server.
Delimiters
In the LSM GUI, on the Download Log page, you can specify one of the following delimiter formats:
• tab (This is the default.) The field names do not appear in the tab-delimited format.
• comma (csv)
For both types of delimiters, the
Alert and IPS Block Log Formats
An example of a
1, | 16:31:39,INFO,BLK,”Block v4 2 | |||
0800179bd3a4] | 1 | |||
192.168.1.1:0 | 209.191.93.52:0 | 1 0 | 0 | |
a34e69992c46] | ANY | |||
1156260699 0000000000 1 | pt0 | 0 | 0 0 0324” |
The following table describes the downloadable format of the Alert Log and IPS Block Log:
Table
| Field Name | Description |
|---|---|
| Seq | Unique sequence number for this log file. |
| Entry_time | Date and time of event. |
| Sev | Severity of the alert, from least to most severe: INFO = for information only; WARN = warning; ERR = error; CRIT = critical |
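The following Python sketch is an added example, not part of the original guide or the product. It reads a downloaded Alert or IPS Block log in either delimiter format, interprets only the three fields documented above (Seq, Entry_time, Sev), and filters by minimum severity. The sample records, their dates and messages, and the header names `col4` and `col5` are constructed placeholders, and skipping a header row by its non-numeric Seq is an assumption.

```python
import csv
import io

# Severity order from the table above, least to most severe.
SEVERITY_RANK = {"INFO": 0, "WARN": 1, "ERR": 2, "CRIT": 3}

def parse_log(text, delimiter):
    """Yield one dict per record of a downloaded Alert or IPS Block log.

    delimiter is a tab character (the default download format) or "," (csv).
    Only Seq, Entry_time and Sev are interpreted; the remaining columns are
    returned untouched in "rest".
    """
    for row in csv.reader(io.StringIO(text), delimiter=delimiter):
        if len(row) < 3 or not row[0].strip().isdigit():
            continue  # blank line, header row, or truncated record
        yield {
            "seq": int(row[0]),
            "entry_time": row[1].strip(),  # kept as text; format not assumed
            "sev": row[2].strip().upper(),
            "rest": row[3:],
        }

def at_least(records, minimum):
    """Return the records whose severity is at or above `minimum`.

    A severity value that is not in SEVERITY_RANK is kept rather than dropped,
    so an unexpected value is surfaced to the analyst instead of hidden.
    """
    floor = SEVERITY_RANK[minimum]
    return [r for r in records
            if SEVERITY_RANK.get(r["sev"], len(SEVERITY_RANK)) >= floor]

# Constructed sample input (dates, messages and header names are placeholders).
SAMPLE_CSV = (
    "Seq,Entry_time,Sev,col4,col5\n"
    '1,2006-08-22 16:31:39,INFO,BLK,"constructed message, with a comma"\n'
    '2,2006-08-22 16:31:40,CRIT,BLK,"constructed message"\n'
    '3,2006-08-22 16:31:41,warn,BLK,"constructed message"\n'
    '4,2006-08-22 16:31:42,NOTICE,BLK,"constructed message"\n'
)
SAMPLE_TAB = '7\t2006-08-22 16:32:00\tERR\tBLK\t"constructed message"\n'

if __name__ == "__main__":
    for rec in at_least(parse_log(SAMPLE_CSV, ","), "WARN"):
        print(rec["seq"], rec["entry_time"], rec["sev"])
```

Using the `csv` module instead of splitting on the delimiter keeps a quoted message that contains a comma in one column.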
292 X Family LSM User’s Guide V 2.5.1