Working with log files – WatchGuard Technologies FireboxTM System 4.6 User Manual

Page 116

Advertising
background image

Working with log files

106

IP header length

Length, in octets, of the IP header for this packet. A header length that is not
equal to 20 indicates that IP options were present. Default = Hide

TTL (time to live)

The value of the TTL field in the logged packet. Default = Hide

Source address

The source IP address of the logged packet. Default = Show

Destination address

The destination IP address of the logged packet. Default = Show

Source port

The source port of the logged packet. UDP or TCP only. Default = Show

Destination port

The destination port of the logged packet. UDP or TCP only. Default = Show

Details

Additional information appears after the previously described fields,
including data about IP fragmentation, TCP flag bits, IP options, and source
file and line number when in trace mode. If WatchGuard logging is in debug
or verbose mode, additional information is reported. In addition, the type of
connection may be displayed in parentheses. Default = Show

Working with log files

The Firebox is continually writing messages to log files on the LiveSecurity Event
Processor. Because current log files are always open, they cannot be copied, moved,
or merged using traditional copy tools; you should use LiveSecurity Event Processor
utilities to work with active log files.

Unlike with other Firebox System utilities, you cannot access the LiveSecurity Event
Processor user interface from Control Center. To open the Event Processor user
interface:

• Right-click the Event Processor icon in the Windows system tray and select

Open Log Center.

Consolidating logs from multiple locations

You can merge two or more log files into a single file. This merged file can then be
used with Historical Reports, LogViewer, HostWatch, or some other utility to
examine log data covering an extended period of time. From the LiveSecurity Event
Processor:

1

Select File => Copy or Merge Log Files.

2

Click Merge all files to one file. Enter the name of the merged file.

3

Enter the files to merge in the Files to Copy box.

Advertising
Popular Brands
Popular manuals