The ips log extend enable command enables the function of outputting extended information of IPS logs.
The undo ips log extend enable command disables the function of outputting extended information of IPS logs.
By default, the function of outputting extended information of IPS logs is disabled.
After the extended information output function for IPS logs is enabled using the ips log extend enable command, the FW parses the matched attack packets based on the configured evidence collection field and records the obtained collection field content in the extended information. The maximum length of the content that can be carried and sent is 189 bytes.
This field is not displayed on the FW. It is added only when the FW sends IPS logs in syslog format to the log server. The field content can be sent in Base64 encoding format or non-Base64 encoding format.