System Logs and Error Messages
607
ProSecure Unified Threat Management (UTM) Appliance
Content-Filtering and Security Logs
This section describes the log messages that are generated by the content-filtering and
security mechanisms.
Web Filtering and Content-Filtering Logs
This section describes logs that are generated when the UTM filters web content.
Message 2007 Oct 1 00:44:17 [UTM] [kernel]
[INVALID][REOPEN_CLOSE_CONN][DROP] SRC=192.168.20.10
DST=192.168.20.2 PROTO=TCP SPT=23 DPT=54899
Explanation Attempt to reopen or close a session.
Recommended Action None.
Message 2007 Oct 1 00:44:17 [UTM] [kernel]
[INVALID][OUT_OF_WINDOW][DROP] SRC=192.168.20.10
DST=192.168.20.2 PROTO=TCP SPT=23 DPT=54899
Explanation Packet not in TCP window.
Recommended Action None.
Message 2007 Oct 1 00:44:17 [UTM] [kernel]
[INVALID][ERR_HELPER_ROUTINE][DROP] SRC=192.168.20.10
DST=192.168.20.2 PROTO=TCP SPT=23 DPT=54899
Explanation Error returned from helper routine.
Recommended Action None.
Table 172. Content-filtering and security logs: web filtering and content filtering
Message 2009-08-01 00:00:01 HTTP ldap_domain ldap_user 192.168.1.3 192.168.35.165
http://192.168.35.165/testcases/files/virus/normal/%b4%f3%d3%da2048.rar
SizeLimit Block
Explanation Logs that are generated when web content is blocked because the allowed size
limit is exceeded. The message shows the date and time, protocol, domain, user,
client IP address, server IP address, URL, reason for the action, and the action that
is taken.
Recommended Action None.
Table 171. System logs: invalid packets (continued)
To Next Page
Loading...
Need help?
General