R3166-R3206-HP High-End Firewalls System Management and Maintenance Configuration Guide-6PW101
65
Log management
The log management feature enables you to store the system messages or logs generated by actions such
as packet filtering to the log buffer or send them to the log hosts. The analysis and archiving of the logs
can enable you to check the security holes of the firewall, when and who try to disobey security policies,
and the types of the network attacks. The real-time logs can also be used to detect the ongoing attacks.
NOTE:
If a packet is invalid, the product drops it without logging, such as an IP packet with incorrect header
checksum or invalid destination IP address, or a raw IP Protocol 1, 6, 17 or 58 packet. You can see the
details by entering the debugging command in command line interface (CLI).
Configuring syslog
The syslog module allows you to set the related parameters of the information center. Acting as the system
information hub, the information center classifies and manages the system information, offering a
powerful support for network administrators and developers in monitoring the network performance and
diagnosing network problems. The information center can output the log information to the Web
interface for users to view the logs. Meanwhile, it can also output the log information to the specified
syslog log host based on your configuration.
Select Log Report > Syslog from the navigation tree to enter the page as shown in Figure 22.
Figure 22 Syslog