Logs

Logs provide insight into network activity and system events that let you identify security issues and see which of the configured rules apply. You can send logs to a syslog server or view them through the log viewer. Using data anonymization, you can encrypt identities in logs and reports.

Local logs

Local logs are the log files you can see using the log viewer or the command-line interface. They're also the basis for the reports in XG Firewall.

Find detailed information on local logs in Log file details.

Syslog information

Find detailed information about syslog IDs, types, messages, and their meaning in the Syslog log file guide.

The log ID is a twelve-character code in the following format:

c1c2c3c4c5c6c7c8c9c10c11c12

Composition:

c1c2: Log type ID
c3c4: Log component ID
c5c6: Log subtype ID
c7: Priority
c8c9c10c11c12: Message ID

Example:

010101600001

c1c2: 01 (Security policy)

c3c4: 01 (Firewall rule)

c5c6: 01 (Allowed)

c7: 6 (Information)

c8c9c10c11c12: 00001 (Firewall traffic allowed)

Logs

Local logs

Syslog information

Machine translation disclaimer