beautypg.com

Logs, 1 logs overview, 1 alerts – ZyXEL Communications P-2302HWL-P1 Series User Manual

Page 251: 2 syslog logs, Chapter 21 logs, Table 107 syslog logs

background image

P-2302HW/HWL-P1 Series User’s Guide

Chapter 21 Logs

251

C

H A P T E R

2 1

Logs

Use these screens to look at log entries and alerts and to configure the ZyXEL Device’s log
and alert settings.

21.1 Logs Overview

For a list of log messages, see

Section 21.3 on page 256

.

21.1.1 Alerts

An alert is a type of log that warrants more serious attention. Some categories such as System
Errors consist of both logs and alerts.

21.1.2 Syslog Logs

There are two types of syslog: event logs and traffic logs. The device generates an event log
when a system event occurs, for example, when a user logs in or the device is under attack.
The device generates a traffic log when a "session" is terminated. A traffic log summarizes the
session's type, when it started and stopped the amount of traffic that was sent and received and
so on. An external log analyzer can reconstruct and analyze the traffic flowing through the
device after collecting the traffic logs.

Table 107 Syslog Logs

LOG MESSAGE

DESCRIPTION

Event Log: Mon dd
hr:mm:ss hostname
src=""
dst="" msg=""
note="" devID=""
cat=""

This message is sent by the system ("RAS" displays as the
system name if you haven’t configured one) when the router
generates a syslog. The facility is defined in the Log
Settings screen. The severity is the log’s syslog class. The
definition of messages and notes are defined in the various
log charts throughout this chapter. The “devID” is the MAC
address of the router’s LAN port. The “cat” is the same as
the category in the router’s logs.

Traffic Log: Mon
dd hr:mm:ss hostname
src=""
dst="" msg="Traffic Log"
note="Traffic Log" devID="address>" cat="Traffic Log"
duration=seconds sent=sentBytes
rcvd=receiveBytes dir=""
protoID=IPProtocolID
proto="serviceName"

This message is sent by the device when the connection
(session) is closed. The facility is defined in the Log
Settings screen. The severity is the traffic log type. The
message and note always display "Traffic Log". The "proto"
field lists the service name. The "dir" field lists the incoming
and outgoing interfaces ("LAN:LAN", "LAN:WAN",
"LAN:DEV" for example).

This manual is related to the following products:
See also other documents in the category ZyXEL Communications Hardware: