R3166-R3206-HP High-End Firewalls System Management and Maintenance Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

Table 11 Syslog configuration items

Item Descri

tion

Log Buffer Size

Set the number of syslogs that can be stored in the log buffer.

Clear Log

To clear the logs in the log buffer, click this button.

Log Host1

Set the IP addresses and port number of the syslog log hosts.

The log information can be reported to the specified remote log hosts in the format

of syslog, and you can specify up to four syslog log hosts.

Log Host2

Log Host3

Log Host4

Refresh Period

Set the refresh period on the log information displayed on the log report Web

interface.

You can select manual refresh or automatic refresh:

• Manual: You need to refresh the Web interface when displaying log report

information.

• Automatic: You can select to refresh the Web page every 10 seconds, 30

seconds, 1 minute, 5 minutes, or 10 minutes.

Configuring user logging

User logs can be output in the following two formats, and you can select either one. At present, the device

support flow logging only.

• Output to the information center of the device in the format of system information, and the

information center then decides the output destination.

• Output to the specified userlog log host in UDP packets in binary format.

Flow logging Introduction

NOTE:

t present, flow lo

s refer to session lo

s only. To

enerate flow lo

s, you need to confi

ure session

logging.

Flow logging records users’ access information to the external network. The device classifies and

calculates flows through the 5-tuple information, which includes source IP address, destination IP address,

source port, destination port, and protocol number, and generates user flow logs. Flow logging records

the 5-tuple information of the packets and number of the bytes received and sent. With flow logging,

administrators can track and record accesses to the network, facilitating the availability and security of

the network.

Two versions are available with flow logging: version 1.0 and version 3.0, which are slightly different in

packet format.

Table 12 Packet format in flow logging version 1.0

Field Descri

tion

SourceIP Source IP address

DestIP Destination IP address