
Creating log receivers – Amer Networks E5Web GUI User Manual


Emergency

Alert

Critical

Error

Warning

Notice

Info

Debug

By default, cOS Core sends all messages of level Info and above to any configured log servers, but
the level for sending can be changed by the administrator. The Debug severity is intended for
system troubleshooting only and should be used only if required. All log event messages of all
severity levels are listed in the separate cOS Core Log Reference Guide.

Event Message Timestamping

When log messages are sent by cOS Core to external log receivers, they are always
timestamped with the time expressed as UTC/GMT (Greenwich Mean Time). This makes it easy
to compare events from a network consisting of many security gateways spread over different
time zones.

The exception to this is log messages displayed through Memlog, which are always stamped with
the current system time.
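The following is an added example, not part of the original manual or of cOS Core. It shows why the timestamping difference matters when building one timeline from several gateways: records copied from an external receiver are treated as UTC, records read from Memlog are converted from the gateway's system time, and the default "Info and above" threshold is applied using the severity order listed above. The record layout, gateway names, timestamp format and fixed UTC offsets are assumptions made for illustration.

```python
from datetime import datetime, timedelta, timezone

# Severity names in the order the manual lists them, most severe first.
SEVERITIES = ["Emergency", "Alert", "Critical", "Error",
              "Warning", "Notice", "Info", "Debug"]

def at_or_above(severity, threshold="Info"):
    """True if severity is at least as severe as threshold."""
    return SEVERITIES.index(severity) <= SEVERITIES.index(threshold)

def to_utc(stamp, source, utc_offset_hours=0):
    """Parse 'YYYY-MM-DD HH:MM:SS' (assumed format) into an aware UTC datetime.

    source == "receiver": copy from an external log receiver, already UTC.
    source == "memlog":   gateway system time, so apply the gateway's offset.
    """
    naive = datetime.strptime(stamp, "%Y-%m-%d %H:%M:%S")
    if source == "receiver":
        return naive.replace(tzinfo=timezone.utc)
    if source == "memlog":
        local = timezone(timedelta(hours=utc_offset_hours))
        return naive.replace(tzinfo=local).astimezone(timezone.utc)
    raise ValueError(f"unknown source: {source}")

def merged_timeline(records, threshold="Info"):
    """Filter by severity, normalise to UTC, and sort chronologically."""
    kept = [
        (to_utc(r["time"], r["source"], r.get("utc_offset_hours", 0)),
         r["gateway"], r["severity"], r["text"])
        for r in records if at_or_above(r["severity"], threshold)
    ]
    return sorted(kept, key=lambda row: row[0])

# Constructed sample records (hypothetical, not real cOS Core output).
SAMPLE = [
    {"gateway": "gw-stockholm", "source": "memlog", "utc_offset_hours": 1,
     "time": "2024-01-15 10:00:05", "severity": "Warning", "text": "event A"},
    {"gateway": "gw-newyork", "source": "receiver",
     "time": "2024-01-15 09:00:02", "severity": "Notice", "text": "event B"},
    {"gateway": "gw-newyork", "source": "memlog", "utc_offset_hours": -5,
     "time": "2024-01-15 04:00:09", "severity": "Debug", "text": "event C"},
    {"gateway": "gw-stockholm", "source": "receiver",
     "time": "2024-01-15 09:00:07", "severity": "Error", "text": "event D"},
]

if __name__ == "__main__":
    for ts, gw, sev, text in merged_timeline(SAMPLE):
        print(ts.isoformat(), gw, sev, text)
```

Sorted on the raw strings, event A would appear an hour after events B and D; after normalisation it falls between them.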

2.2.3. Creating Log Receivers

To distribute and log the event messages generated by cOS Core, it is necessary to define one or
more event receivers that specify what events to capture, and where to send them.

cOS Core can distribute event messages to different types of receivers and these are enabled by
creating any of the following Log Receiver objects.

MemoryLogReceiver

cOS Core has its own logging mechanism, also known as the MemLog. This retains all event
log messages in memory and allows direct viewing of recent log messages through the Web
Interface.

This is enabled by default but can be disabled.

This receiver type is discussed further below in Section 2.2.4, “Logging to MemoryLogReceiver”.

Syslog Receiver

Syslog is the de facto standard for logging events from network devices. If other network
devices are already logging to Syslog servers, using syslog with cOS Core messages can
simplify overall administration.

This receiver type is discussed further below in Section 2.2.5, “Logging to Syslog Hosts”.

FWLog

FWLog is the Clavister proprietary format for logging event messages. It has a high
level of detail and is suitable for analyzing large amounts of log data.

This receiver type is discussed further below in Section 2.2.6, “Logging to the Clavister Logger”.

SNMP Traps

Chapter 2: Management and Maintenance
