Chapter 15 reviewing and working with log files, Viewing files with logviewer, Chapter 15 – WatchGuard Technologies FireboxTM System 4.6 User Manual

User Guide

103

CHAPTER 15

Reviewing and Working with Log
Files

Log entries are stored on the primary and backup LiveSecurity Event Processor. By
default, log files are placed in the WatchGuard installation directory in a subdirectory
called \logs. The log file to which the Event Processor is currently writing records is
named Firebox IP.

wgl

. In addition, the Event Processor creates an index file in the

same directory by the same name with the extension .idx. When Event Processor rolls
a log file over, it saves the old files as Firebox IP Time Stamp

.wgl

and Firebox IP Time

Stamp

.idx

.

Both the

.wgl

and

.idx

files are necessary to use any monitoring or log

display tool.

For more information about the LiveSecurity Event Processor and configuring
logging, see “Setting Up Logging and Notification” on page 69.

Viewing files with LogViewer

The WatchGuard Firebox System utility called LogViewer provides a dynamic
display of log file data. You can view all log data page by page, or search and display
by keyphrases or specific log fields.

Starting LogViewer and opening a log file

From Control Center:

1

Click the LogViewer icon (shown at right).

LogViewer opens and the Load File dialog box appears.

2

Browse to select a log file. Click Open.

By default, logs are stored in a subdirectory of the WatchGuard installation

directory called \logs. LogViewer opens and displays the selected log file.

Setting LogViewer preferences

You can adjust the content and format of the display. From LogViewer:

1

Select View => Preferences.