HP VPN Firewall Appliances System Management and Maintenance Configuration Guide
97
Ste
p
Command
Remarks
2. Configure the user logging
version.
userlog flow export version
version-number
Optional.
The default version is 1.0.
Although the device supports two
versions, only one can be active at
one time. Therefore, if you
configure the user logging version
multiple times, the most recent
configuration takes effect.
Configuring the source address for user logs
A source IP address is usually used to uniquely identify the sender of a packet. Suppose Device A sends
flow logs to Device B. Device A uses the specified IP address instead of the actual egress address as the
source IP address of the packets. In this way, although Device A sends out packets to Device B through
different ports, Device B can judge whether the packets are sent from Device A according to their source
IP addresses. This function also simplifies the configurations of ACLs and security policies. You only need
to specify one address to filter packets from or to a device.
To configure the source address for user logs:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Specify the source IP address
of user logs.
userlog flow export source-ip
ip-address
Optional.
By default, the source IP address of
user logs is the IP address of the
egress interface.
Configuring the timestamps for user logs
User logs can be recorded in UTC or localtime:
• UTC—Coordinated Universal Time, loosely defined as current date and time of day in Greenwich,
England.
• Localtime—Coordinated Universal Time (UTC) plus the UTC offset.
To configure the timestamps for user logs:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Configure the system to record
user logs in localtime.
userlog flow export timestamps
localtime
Optional.
By default, user logs are recorded
in UTC.