Manualshelf

R3721-F3210-F3171-HP High-End Firewalls System Management and Maintenance Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
919293949596979899100
85
Export Version 3 logs to log server : enabled
Source address of exported logs : 2.2.2.2
Address of log server : 1.2.3.6 (port: 2000)
total Logs/UDP packets exported : 112/87
Logs in buffer : 6
Troubleshooting user logging
Symptom 1: No flow log is exported
Analysis: Neither of the export approach is specified.
Solution: Configure to export the flow logs to the information center or to the log server.
Symptom 2: Flow logs cannot be exported to log server
Analysis: Both of the export approaches are configured.
Solution: Restore to the default, and then configure the IP address and UDP port number of the log
server.
Configuring session logging
NOTE:
The session logging configuration is available only in the web interface.
Session logging records users' access information, IP address translation information, and traffic
information, and can output the records in a specific format to a log host, allowing administrators to
perform security auditing.
Session logging records an entry for a session if it reaches the specified threshold. Session logging
supports two categories of thresholds:
Time threshold—When the lifetime of a session reaches this threshold, a log entry is output for the
session.
Traffic threshold—The traffic threshold can be in units of the number of bytes or the number of
packets. When the traffic of a session reaches the specified number of bytes or packets, a log entry
is output for the session.
NOTE:
For more information about session management, see
Access Control Configuration Guide
.
Session logs are output in the format of user logs. To view session logs, you also need to configure user
logging.
Perform the tasks in Table 15 to configure session logging.
Table 15 Session logging configuration task list
Task Remarks
Configuring a session logging
policy
Required
Configure a session logging policy, specifying the source zone and
destination zone of the sessions and the ACL for filtering log entries.
By default, no session logging policy exists.