HP VPN Firewall Appliances System Management and Maintenance Configuration Guide
86
Outputting log information to a Linux log host
Network requirements
Configure the firewall to send log information that has a severity level of at least informational to the Linux
log host at 1.2.0.1/16.
Figure 30 Network diagram
Configuration procedure
Before the configuration, make sure the firewall and the log host can reach each other. (Details not
shown.)
1. Configure the firewall:
# Enable the information center.
<Firewall> system-view
[Firewall] info-center enable
# Specify the host 1.2.0.1/16 as the log host, use the channel loghost to output log information
(optional, loghost by default), and specify local5 as the logging facility.
[Firewall] info-center loghost 1.2.0.1 channel loghost facility local5
# Configure an output rule to allow all modules to output log information that has a severity level
of at least informational to channel loghost.
[Firewall] info-center source default channel loghost log level informational state
on debug state off trap state off
Disable the output of unnecessary information of all modules on the specified channel in the output
rule.
2. Configure the log host:
a. Log in to the log host as a root user.
b. Create a subdirectory named Firewall in the directory /var/log/, and create file info.log in the
Firewall directory to save logs from the firewall.
# mkdir /var/log/Firewall
# touch /var/log/Firewall/info.log
c. Edit the file syslog.conf in the directory /etc/ and add the following contents.
# Firewall configuration messages
local5.info /var/log/Firewall/info.log
In this configuration, local5 is the name of the logging facility used by the log host to receive
logs. info is the information level. The Linux system will record the log information with a
severity level of at least informational to file /var/log/Firewall/info.log.