WatchGuard Technologies FireboxTM System 4.6 User Manual

Page 85

Advertising
background image

User Guide

75

Setting global logging and notification preferences

Starting and stopping the Event Processor

The Event Processor starts automatically when you start the host on which it resides.
However, it is possible to stop or restart the Event Processor from its interface at any
time. Open the Event Processor interface:

• To start the Event Processor, select File => Start Service.

• To stop the Event Processor, select File => Stop Service.

Setting the log encryption key

The log connection (but not the log file) between the Firebox and an Event Processor
is encrypted for security purposes. Both the Management Station and the Event
Processor must possess the same encryption key.

From the LiveSecurity Event Processor:

1

Select File => Set Log Encryption Key.

2

Enter the log encryption key in both text boxes. Click OK.

Setting global logging and notification preferences

The LiveSecurity Event Processor lists the connected Firebox and displays its status. It
has three control areas:

Log File tab – Specify the maximum number of records stored in the log file.

Reports tab – Schedule regular reports of log activity.

Notification tab – Control to whom and how notification takes place.

Together, these controls set the general parameters for most global event processing
and notification properties.

Setting the interval for log rollover

Log records accumulate at different rates depending on the volume of network traffic
and the logging and notification settings configured for services and properties. You
can control when the Event Processor rolls log entries from one file to the next using
the Log Files tab in the Event Processor. For example, configure the Event Processor
to roll over from one log file to the next by time interval, number of entries, or both.
From the Event Processor interface:

1

Click the Log Files tab.

2

For a time interval, enable the By Time Interval checkbox. Select the frequency.
Use the Schedule First Log Roll For drop list to select a date. Use the scroll
control or enter the first time of day.

You must enter an encryption key in order for the Event Processor to receive

logs from the Firebox. It must be the same key used when adding an Event

Processor to the Management Station.

Advertising
Popular Brands
Popular manuals