HP VPN Firewall Appliances Access Control Configuration Guide
123
Configuring session logging
Session logs help track information about user access, IP address translation, and traffic, and can be sent
to the log server or exported to the information center in flow log format. It can help network
administrators in security auditing.
Enabling session logging
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Enter system view of the
virtual device.
switchto vd vd-name
Required for non-default virtual
devices.
3. Create an interzone instance
and enter interzone view.
interzone source source-zone-name
destination destination-zone-name
By default, no interzone
instances exist.
4. Enable session logging.
session log enable [ acl acl-number ] Disabled by default.
Setting session logging thresholds
You can set thresholds to trigger recording and outputting session logs. The thresholds include:
• Holdtime threshold—The system outputs a session log when the holdtime of a session reaches the
preset threshold.
• Traffic threshold—The system outputs a session log when the number of packets or byte count of a
session reaches the preset threshold.
If you specify both the holdtime threshold and traffic threshold, the system performs session logging
according to the threshold that is first reached, and then clears all statistics.
If you specify both the packet count threshold and byte count threshold, only the one specified last takes
effect.
To set session logging thresholds:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Set the holdtime
threshold for session
logging.
session log time-active time-value
Optional.
0 by default, which means that the
system does not output session logs
based on session holdtime threshold.
3. Configure the traffic
threshold for session
logging.
• Set the packet count threshold:
session log packets-active
packets-value
• Set the byte count threshold:
session log bytes-active bytes-value
Optional.
0 by default, which means that the
system does not output session logs
based on packet count threshold or
byte count threshold.
Configuring session log export
Session logs are exported in the form of flow logs.
To configure session log exporting: