Logging is a feature that records various kinds of system logs, including device logs, threat logs, session logs, and NAT logs.
- Device log
  - Event - includes 8 severity levels: debugging, information, notification, warning, error, critical, alert, emergency.
  - Network - logs about network services, like PPPoE and DDNS.
  - Configuration - logs about configuration on the command line interface, e.g. interface IP address setting.
  - Share Access Logs - logs about share access rules.
- Threat - logs related to behaviors threatening the protected system, e.g. attack defense and application security.
- Session - Session logs, e.g. session protocols, source and destination IP addresses and ports.
- NAT - NAT logs, including NAT type, source and destination IP addresses and ports.
- EPP - logs related to the endpoint protection function.
- File Filter - logs related to the file filter function.
- Network behavior record logs - logs related to the network behavior record function, e.g. IM behavior.
- URL - logs about network surfing, e.g. Internet visiting time, web page visiting history, and URL filtering logs.
- PBR - logs about policy-based route.
- CloudSandBox - logs about sandbox.
The system logs the running status of the device, thus providing information for analysis and evidence.
Event logs are categorized into eight severity levels.
| Severity | Level | Description | Syslog definition |
|---|---|---|---|
| Emergencies | 0 | Identifies illegitimate system events. | LOG_EMERG |
| Alerts | 1 | Identifies problems which need immediate attention, such as the device being attacked. | LOG_ALERT |
| Critical | 2 | Identifies urgent problems, such as hardware failure. | LOG_CRIT |
| Errors | 3 | Generates messages for system errors. | LOG_ERR |
| Warnings | 4 | Generates messages for warnings. | LOG_WARNING |
| Notifications | 5 | Generates messages for notice and special attention. | LOG_NOTICE |
| Informational | 6 | Generates informational messages. | LOG_INFO |
| Debugging | 7 | Generates all debugging messages, including daily operation messages. | LOG_DEBUG |
Destination of Exported Logs
Log messages can be sent to the following destinations:
- Console - The default output destination. You can close this destination via the CLI.
- Remote - Includes Telnet and SSH.
- Buffer - Memory buffer.
- File - By default, the logs are sent to the specified USB destination in the form of a file.
- Syslog Server - Sends logs to a UNIX or Windows Syslog Server.
- Email - Sends logs to a specified email account.
- Local database - Sends logs to the local database of the device.
To facilitate the access and analysis of the system logs,
2000-02-05 01:51:21, WARNING@LOGIN: Admin user "admin" logged in through console from localhost.
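
The following added example (not part of the vendor documentation) parses lines in the layout of the sample above and filters them by the severity levels from the table, as you might on a syslog collector. Assumptions: the layout is "date time, SEVERITY@MODULE: message" as inferred from the single sample line, severity keywords match the syslog definition names without the LOG_ prefix, and the long-form names from the event log list are accepted as aliases. The module names NET and SYS are constructed.

```python
import re
from datetime import datetime

# Numeric levels from the severity table (0 = most severe).
LEVELS = {"EMERG": 0, "ALERT": 1, "CRIT": 2, "ERR": 3,
          "WARNING": 4, "NOTICE": 5, "INFO": 6, "DEBUG": 7}
# Assumption: long-form keywords from the event log list may also appear.
ALIASES = {"EMERGENCY": "EMERG", "CRITICAL": "CRIT", "ERROR": "ERR",
           "NOTIFICATION": "NOTICE", "INFORMATION": "INFO",
           "DEBUGGING": "DEBUG"}

# Layout inferred from the sample line: "date time, SEVERITY@MODULE: message"
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}), "
    r"(?P<sev>[A-Za-z]+)@(?P<module>[A-Za-z0-9_-]+): (?P<msg>.*)$")

def parse_line(line):
    """Return a dict for one log line, or None if it does not fit the layout."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    sev = ALIASES.get(m["sev"].upper(), m["sev"].upper())
    if sev not in LEVELS:
        return None          # unknown severity keyword: reject, do not guess
    try:
        ts = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S")
    except ValueError:
        return None          # digits matched but the date is impossible
    return {"time": ts, "severity": sev, "level": LEVELS[sev],
            "module": m["module"], "message": m["msg"]}

def at_least(lines, threshold):
    """Keep parsed events whose severity is `threshold` or more severe."""
    key = threshold.upper()
    limit = LEVELS[ALIASES.get(key, key)]
    events = (parse_line(l) for l in lines)
    return [e for e in events if e and e["level"] <= limit]

SAMPLE = [
    # First line is the sample from the page; the rest are constructed.
    '2000-02-05 01:51:21, WARNING@LOGIN: Admin user "admin" logged in through console from localhost.',
    '2000-02-05 01:52:03, INFO@NET: constructed informational line.',
    '2000-02-05 01:53:40, CRIT@SYS: constructed critical line.',
    'not a log line',
]

if __name__ == "__main__":
    for e in at_least(SAMPLE, "WARNING"):
        print(e["time"].isoformat(), e["level"], e["severity"],
              e["module"], e["message"])
```

Lower numbers are more severe, so a threshold of WARNING keeps levels 0 through 4 and drops notifications, informational and debugging messages.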