3Com Switch 8800 Family Firewall Module Configuration and Command Reference Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module

181

182

183

184

185

186

187

188

189

190

182 CHAPTER 11: LOG MAINTENANCE

In the Firewall module, the log information about attack prevention, traffic

monitoring, blacklist and address binding are generated in little capacities.

Therefore, such logs are outputted in Syslog format. The information must be sent

to the Comware-based information center for log management and redirection. In

this case, you can choose to either display the log information on the terminal

screen or output the Syslog log to the log server for storage and analysis.

Conversely, log information about NAT/ASPF is generated in a large capacity, and

so the system directly outputs this type of log traffic in binary format to the log

server for storage and analysis, regardless of the Comware-based information

centre. Therefore, the transmission efficiency of binary-flow log seems to be

higher than that of Syslog log.

Configuring Syslog

Log

Syslog configuration includes:

■ Configuring Syslog log output format

■ Configuring the sweep time for the Syslog log buffer

■ Configuring the log redirection of the information center

Configuring Syslog Log

Output Format

Use this command to configure the output mode of the log to text format.

Perform the following configuration in system view.

By default, the output mode of the log is Syslog.

Configuring the Log

Redirection for the

Information Center

Generally, the log information exported to the information center is redirected in

the following ways:

■ Export information to the local console through the Console port.

■ Export information to the remote Telnet terminal, which can be used for

remote maintenances.

■ Allocate log buffer with proper size inside the Firewall module that can be used

to record information.

■ Configure log server to which the information center sends information

directly, and the information will be saved in the format of file for you to view it

anytime.

■ Allocate trap buffer with proper size inside the Firewall module, which can be

used to record information.

■ Export information to SNMP agent.

Perform the following configuration in system view.

Tabl e 196 Configure the output mode of the log to text format

Operation Command

Configure the output mode of the log to text format firewall session log-type syslog