Device Logs

Device Logs page allows to view the logs for modules like Application Filter, Web Filter, Malware and Firewall. This page gives consolidated information about all the events that have occurred.

To view logs of any of the managed Device, go to System & Monitor > Monitor > Event Viewer > Device Logs > and select module and Device and click Get Data.

Click Open PCAP to view packet capture. It will display the packet captures that are automatically filtered based on the values of the currently selected packet.

Click Download to export the logs in a CSV file. Hover over module icons for a detailed view.

Available Log Modules:
  • System – System logs provide information about all the system-related logs, including the logs for VPN events.
  • Web Filter – Web filter logs provide web surfing details like accessed/blocked sites, users trying to access the blocked websites etc. and the action taken by the device (Allowed or Blocked).
  • Application Filter – Application filter logs provide details about applications to which access was denied by the device.
  • Malware – Malware logs provide information about the viruses identified by the device.
  • Email – Email logs provide information about the mail traffic processed by the device.
  • Firewall – Firewall logs provide information about how much traffic passes through a particular firewall rule and through which interfaces.
  • IPS – IPS logs provide information about the intrusion attempts detected/blocked by the device.
  • Authentication – Authentication logs provide information about all the authentication logs including firewall, VPN and User Portal authentication.
  • Admin – Admin logs provide information about administrator event and tasks.
  • WAF – WAF logs provide information about HTTP/S requests and action taken on the same.
  • Advanced Threat Protection - ATP logs provide information related to threats detected/blocked by the device.
  • Security Heartbeat - Security Heartbeat logs provide information on Heartbeat connection and status.