ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual

Table 11-15. Logs Query Settings (continued)

Setting: Search Criteria (continued)

Description (or Subfield and Description):

Client IP
    The client IP address that is queried.
    This field is available for the following logs:
    Traffic, Spam, Malware, Content filters, Port Scan, IPS, Instant Messaging/Peer to Peer.

Server IP
    The server IP address that is queried.
    This field is available for the following logs:
    Traffic, Malware, Content filters, Port Scan, IPS, Instant Messaging/Peer to Peer.

Category
    From the pull-down menu, select a category that is queried.
    The following categories can be selected:
    • For the IPS log: a threat, protocol, or application.
    • For the Instant Messaging/Peer to Peer log: an instant messaging or peer-to-peer application.

Reason
    Select one or more checkboxes to specify the reasons that are queried.
    The following reasons can be selected:
    • For the Email filters log: keyword, file type, file name, password, and size limit.
    • For the Content filters log: URL, file type, and size limit.

Spam Found By
    This field is available only for the Spam log.
    Select a checkbox to specify the method by which spam is detected: Blacklist or Heuristic Scan.
    Note: Heuristic Scan refers to Distributed Spam Analysis.

Malware Name
    The name of the malware threat that is queried.
    This field is available only for the Malware log.

Action
    The spam or malware detection action that is queried.
    The following actions can be selected:
    • For the Spam log: block or tag.
    • For the Malware log: delete, block email, or log.

Email Subject
    The e-mail subject that is queried.
    This field is available for the following logs:
    Spam and Email filters.

Sender Email
    The sender’s e-mail address that is queried.
    This field is available only for the Traffic log.

Recipient Email
    The recipient’s e-mail address that is queried.
    This field is available for the following logs:
    Traffic, Spam, Malware, and Email filters.


Monitoring System Access and Performance

v1.0, September 2009
