beautypg.com

Saving security logs into the security log file – H3C Technologies H3C SecPath F1000-E User Manual

Page 80

background image

69

Step Command

Remarks

6.

Configure the maximum size
of the log file.

info-center logfile size-quota size

Optional.
By default, the maximum size of a

log file is 10 MB.
To ensure normal operation, set the
size to a value between 1 MB and

10 MB.

7.

Configure the directory to
save the log file.

info-center logfile switch-directory

dir-name

Optional.
By default, the log file is saved in
the logfile directory under the root

directory (specified by the device)

of the storage device.
The configuration made this
command cannot survive a system

reboot.

8.

Manually save the log file
buffer content to the log file.

logfile save

Optional.
By default, the system saves the log
file at an interval defined by the

info-center logfile frequency
command.
Available in any view.

Saving security logs into the security log file

Security logs are very important for locating and troubleshooting network problems. Generally, security

logs are output together with other logs. It is difficult to identify security logs among all logs.
To solve this problem, you can save security logs into a security log file without affecting the current log

output rules.
The configuration of this feature and the management of the security log file are separate. The security

log file is managed by a privileged user. After logging in to the device, the administrator can enable the

saving of security logs into the security log file and configure related parameters However, only the
privileged user, known as the security log administrator, can perform operations on the security log file.

The privileged user must pass AAA local authentication and log in to the device. No other users

(including the system administrator) can perform operations on the security log file.
A security log administrator is a local user who is authorized by AAA to play the security log
administrator role. You can authorize a security log administrator by executing the

authorization-attribute user-role security-audit command in local user view.
The system administrator cannot view, copy, or rename the security log file. If they try, the system displays

an "%Execution error" message. The system administrator can view, copy and rename other types of
files.
For more information about local user and AAA local authentication, see Access Control Configuration

Guide.

This manual is related to the following products:
See also other documents in the category H3C Technologies Safety: