Monitoring System Access and Performance
478
ProSecure Unified Threat Management (UTM) Appliance
Query the Logs
The UTM generates logs that provide detailed information about malware threats and traffic
activities on the network. You can view these logs through the web management interface or
save the log records in CSV or HTML format and download them to a computer (the
downloading option is not available for all logs).
Note: For information about the quarantine logs, which are stored
externally, see Query the Quarantine Logs on page 485.
When you reboot the UTM, the logs are lost. If you want to save
the logs, make sure that you configure the UTM to send the logs to
a syslog server. For information about how to do this, and also
about how to email logs, see Configure and Activate System,
Email, and Syslog Logs on page 439.
The UTM provides 13 types of logs:
• Traffic. All scanned incoming and outgoing traffic.
• Spam. All intercepted spam.
• System. The system event logs that you have specified on the Email and Syslog screen
(see Configure and Activate System, Email, and Syslog Logs on page 439). However, by
default, many more types of events are logged in the system logs.
• Service. All events that are related to the status of scanning and filtering services that
you access from the Application Security main navigation menu. These events include
update success messages, update failed messages, network connection errors, and so
on.
• Malware. All intercepted viruses, spyware, and other malware threats.
• Email filters. All emails that are blocked because of file extension and keyword
violations.
• Content filters. All attempts to access blocked websites and URLs.
• IPS. All IPS events.
• Anomaly Behavior. All port scan and DDoS events.
• Application. All instant messaging, peer-to-peer and media application, and tool access
violations.
• Firewall. The firewall logs that you have specified on the Firewall Logs screen (see
Configure and Activate Firewall Logs on page 448).
• IPSec VPN. All IPSec VPN events.
• SSL VPN. All SSL VPN events.
To Next Page
Loading...
Need help?
General