This section describes basic concepts and functions of logs.
Logs are the information generated during the running process of the FW, which record the operating condition of each function module and the running status of each service on the network. By viewing these logs, the administrator can learn about the running status of the FW, and be familiar with the service status, security condition and traffic trend on the network in real time. In addition, the administrator can review the information and locate faults by viewing logs.
The FW supports outputting multiple types of logs. The functions of these logs vary. Details are as follows:
Session logs
After processing a packet, the FW sets up a session for it. The FW supports session logs. You can enable the FW to output session logs after a session ages, when a session is created, or regularly.
Packet discard logs
After discarding a packet, the FW logs the packet information and packet discard cause. The packet discard cause may be session table mismatching, failure to match any security policy.
Service logs
The FW identifies and controls traffic based on applications and services, and records logs. The FW can output service logs, such as threat logs, content logs, mail filtering logs, URL filtering logs, audit logs, and policy matching logs.
System logs
The FW can output the operating information about functional modules, you can refer to the Log Reference to learn system log information generated by the functional modules on the FW.
Port pre-allocation (NAT Port Range) logs provide visibility into port pre-allocation and incremental allocation information on the FW (CGN) and help implement NAT source tracing.