Logs

The firewall provides extensive logging capabilities for traffic, system activities, and network protection. Logs include analyses of network activity that let you identify security issues and reduce malicious use of your network. You can send logs to a syslog server or view them through the log viewer.

Example logs

6/12/2015 1:46 PM,Info,10.20.22.173,timezone=""IST"" device_name=""SG135"" device_id=SFDemo1234567890 log_id=062009617501 log_type=""Event"" log_component=""GUI"" log_subtype=""Admin"" status=""Successful"" priority=Information user_name=""admin"" src_ip=10.20.20.15 SSL_VPN_POLICY_NAME='RA' message=""SSL VPN Policy 'RA' was added by 'admin' from '10.20.20.15' using 'GUI'""
6/9/2015 1:29 PM,Info,10.20.22.172,timezone=""IST"" device_name=""SG135"" device_id=SFDemo1234567890 log_id=010302602002 log_type=""Security Policy"" log_component=""Appliance Access"" log_subtype=""Denied"" status=""Deny"" priority=Information duration=0 fw_rule_id=0 policy_type=0 user_name="""" user_gp="""" iap=0 ips_policy_id=0 appfilter_policy_id=0 application="""" application_risk=0 application_technology="""" application_category="""" in_interface=""eth0"" out_interface="""" src_mac=00:90:fb:37:6e:0e src_ip=10.20.21.89 src_country_code= dst_ip=10.20.23.255 dst_country_code= protocol=""UDP"" src_port=137 dst_port=137 sent_pkts=0 recv_pkts=0 sent_bytes=0 recv_bytes=0 tran_src_ip= tran_src_port=0 tran_dst_ip= tran_dst_port=0 srczonetype="""" srczone="""" dstzonetype="""" dstzone="""" dir_disp="""" connid="""" vconnid="""" hb_health=""No Heartbeat""