Managing security logs, Saving security logs into the security log file, Managing the security log file – H3C Technologies H3C MSR 5600 User Manual

209

Managing security logs

Security logs are very important for locating and troubleshooting network problems. Generally, security
logs are output together with other logs. It is difficult to identify security logs among all logs.
To solve this problem, you can save security logs into a security log file without affecting the current log

output rules.

Saving security logs into the security log file

After you enable the saving of the security logs into the security log file, the system first outputs security

logs to the security log file buffer, and then saves the logs from the security log file buffer into the security
log file at a specified interval (the security log administrator can also manually save security logs into the

log file). After the security logs are saved, the buffer is cleared immediately.
The security log file has a specific capacity. When the capacity is reached, the system will replace

earliest security logs with new logs. To avoid security log loss, you can set an alarm threshold for the
security log file usage. When the alarm threshold is reached, the system outputs a message to inform the

administrator. The administrator can log in to the device as the security log administrator and back up

the security log file to prevent the loss of important data.
To save security logs into the security log file:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enable the information center. info-center enable

By default, the information center is
enabled.

3.

Enable the saving of the
security logs into the security

log file.

info-center security-logfile enable

By default, the function is disabled.

4.

Set the interval at which the

system saves security logs.

info-center security-logfile
frequency freq-sec

The default saving interval is
86400 seconds.

5.

(Optional.) Set the maximum

size of the security log file.

info-center security-logfile
size-quota size

The default setting is 10 MB.

6.

(Optional.) Set the alarm
threshold of the security log

file usage.

info-center security-logfile
alarm-threshold usage

By default, the alarm threshold of
the security log file usage is 80.

When the usage of the security log
file reaches 80%, the system will

inform the user.

Managing the security log file

To manage and maintain the security log file, the security log administrator must pass local AAA

authentication first. For more information about security log administrator, see Security Configuration

Guide.
To manage the security log file: