firewall log host heartbeat tx-interval max-time

Application scenario

You can set the interval for the FW to send heartbeat detection packets to the eLog log host and the consecutive number of times that the log host does not respond to the heartbeat detection packets.

For example, if you set internal-time to 1 and max-time to 4, the FW sends heartbeat detection packets to the eLog log host every one second and stops sending logs to the eLog log host after three consecutive failures to receive heartbeat response packets from it. Although the FW stops sending logs, it continues to perform heartbeat detection. When it receives a heartbeat response packet again from the eLog log host within a specified period of time, it continues to send logs to this log host.

When detecting that the heartbeat status of the eLog log host is abnormal, the FW sends alarm FWD_1.3.6.1.4.1.2011.6.122.15.3.6.1 hwSecStatLogHostDown to notify you that the log host is abnormal. When receiving a heartbeat response packet from the log host, the FW sends alarm FWD_1.3.6.1.4.1.2011.6.122.15.3.6.2 hwSecStatLogHostUp to notify you that the log host is restored to normal.

Precautions

The FW can be enabled to send heartbeat detection packets to the eLog log host but not to a third-party log host.

This function is supported only when the FW directly sends logs to the eLog log host but not when it sends logs to the log host through the information center.

This command takes effect when the firewall log host heartbeat enable command is executed to enable the function of sending heartbeat detection packets to a log host.