Monitoring System Access and Performance
460
ProSecure Unified Threat Management (UTM) Appliance
To view the most recent entries, click Refresh. To delete all the existing log entries, click
Clear Log.
Query the Logs
The UTM generates logs that provide detailed information about malware threats and traffic
activities on the network. You can view these logs through the web management interface or
save the log records in CSV or HTML format and download them to a computer (the
downloading option is not available for all logs).
Note: For information about the quarantine logs, which are stored
externally, see Query the Quarantine Logs (UTM9S Only) on
page 467.
When you reboot the UTM, the logs are lost. If you want to save
the logs, make sure that you configure the UTM to send the logs to
a syslog server. For information about how to do this, and also
about how to email logs, see Configure and Activate System,
Email, and Syslog Logs on page 423.
The UTM provides 13 types of logs:
• Traffic. All scanned incoming and outgoing traffic.
• Spam. All intercepted spam.
• System. The system event logs that you have specified on the Email and Syslog screen
(see Configure and Activate System, Email, and Syslog Logs on page 423). However, by
default, many more types of events are logged in the system logs.
• Service. All events that are related to the status of scanning and filtering services that you
access from the Application Security main navigation menu. These events include update
success messages, update failed messages, network connection errors, and so on.
• Malware. All intercepted viruses, spyware, and other malware threats.
• Email filters. All emails that are blocked because of file extension and keyword
violations.
• Content filters. All attempts to access blocked websites and URLs.
• IPS. All IPS events.
• Port scan. All port scan events.
• Application. All instant messaging, peer-to-peer and media application, and tool access
violations.
To Next Page
Loading...
Need help?
General
