Manualshelf

R3721-F3210-F3171-HP High-End Firewalls System Management and Maintenance Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
81828384858687888990
73
Outputting log information to a Linux log host
Network requirements
Configure the Firewall to send log information that has a severity level of at least informational to the
Linux log host at 1.2.0.1/16.
Figure 27 Network diagram
Configuration procedure
Before the configuration, make sure that the Firewall and PC can reach each other. (Details not shown.)
1. Configure the Firewall
# Enable the information center.
<Firewall> system-view
[Firewall] info-center enable
# Specify the host 1.2.0.1/16 as the log host. Use channel loghost to output log information
(optional, loghost by default), and use local5 as the logging facility.
[Firewall] info-center loghost 1.2.0.1 channel loghost facility local5
# Disable the output of log, trap, and debugging information of all modules on channel loghost.
[Firewall] info-center source default channel loghost debug state off log state off
trap state off
To avoid outputting unnecessary information, disable the output of log, trap, and debugging
information on the specified channel (loghost in this example) before you configure an output rule.
# Configure an output rule to output log information of all modules that has a severity of at least
informational to the log host.
[Firewall] info-center source default channel loghost log level informational state
on
2. Configure the log host
a. Log in to the log host as a root user.
b. Create a subdirectory named Firewall under directory /var/log/, and create file info.log
under the Firewall directory to save logs of Firewall.
# mkdir /var/log/Firewall
# touch /var/log/Firewall/info.log
c. Edit file /etc/syslog.conf and add the following contents.
# Firewall configuration messages
local5.info /var/log/Firewall/info.log
In the above configuration, local5 is the name of the logging facility used by the log host to receive logs.
info is the information level. The Linux system will record the log information with severity level equal to
or higher than informational to file /var/log/Firewall/info.log.