HP VPN Firewall Appliances System Management and Maintenance Configuration Guide
87
NOTE:
Be aware of the following issues while editing file /etc/syslog.conf:
• Comments must be on a separate line and must begin with a pound sign (#).
• No redundant spaces are allowed after the file name.
• The logging facility name and the information level specified in the /etc/syslog.conf file must be
identical to those configured on the firewall by using the info-center loghost and info-center
source commands. Otherwise, the log information might not be output properly to the log host.
d. Display the process ID of syslogd, kill the syslogd process, and then restart syslogd using the –r
option to make the new configuration take effect.
# ps -ae | grep syslogd
147
# kill -9 147
# syslogd -r &
Make sure the syslogd process is started with the -r option on a Linux log host.
Now, the system can record log information into the log file.
Saving security logs into the security log file
Network requirements
• Save security logs into the security log file cfa0:/securitylog/seclog.log every one hour.
• Specify the directory for saving the security log file, view the contents of the security log file, and
back up the security log file the SFTP server. Only the security log administrator can perform these
operations.
Figure 31 Network diagram
Configuration considerations
The configuration in this example includes two parts:
1. Log in to the firewall as the system administrator
{ Enable saving of security logs into the security log file and set the saving interval to one hour.