D-Link DFL-260E User Manual for DFL-260E - Page 60
Creating Log Receivers, 2.2.4. Logging to MemoryLogReceiver, 2.2.5. Logging to Syslog Hosts
View all D-Link DFL-260E manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 60 highlights
2.2.3. Creating Log Receivers Chapter 2. Management and Maintenance • Debug By default, NetDefendOS sends all messages of level Info and above to any configured log servers but the level for sending can be changed by the administrator. The Debug severity is intended for system troubleshooting only and should only be used if required. All log event messages of all severity levels are listed in the separate NetDefendOS Log Reference Guide. 2.2.3. Creating Log Receivers To distribute and log the event messages generated by NetDefendOS, it is necessary to define one or more event receivers that specify what events to capture, and where to send them. NetDefendOS can distribute event messages to different types of receivers and these are enabled by creating any of the following Log Receiver objects. • MemoryLogReceiver NetDefendOS has a single built in logging mechanism also known as the MemLog. This retains all event log messages in memory and allows direct viewing of recent log messages through the Web Interface. This is enabled by default but can be disabled. This receiver type is discussed further below in Section 2.2.4, "Logging to MemoryLogReceiver". • Syslog Receiver Syslog is the de-facto standard for logging events from network devices. If other network devices are already logging to Syslog servers, using syslog with NetDefendOS messages can simplify overall administration. This receiver type is discussed further below in Section 2.2.5, "Logging to Syslog Hosts". 2.2.4. Logging to MemoryLogReceiver The MemoryLogReceiver (also known as Memlog) is an optional NetDefendOS feature that allows logging direct to memory in the NetDefend Firewall instead of sending messages to an external server. These messages can be examined through the standard user interfaces. Memory for Logging is Limited Memlog memory available for new messages is limited to a fixed predetermined size. When the allocated memory is filled up with log messages, the oldest messages are discarded to make room for newer incoming messages. This means that MemLog holds a limited number of messages since the last system initialization and once the buffer fills they will only be the most recent. This means that when NetDefendOS is creating large numbers of messages in systems with, for example, large numbers of VPN tunnels, the Memlog information becomes less meaningful since it reflects a limited recent time period. Disabling Memory Logging The MemoryLogReceiver object exists by default in NetDefendOS. If this receiver is not required then it can be deleted and this type of logging will be switched off. 2.2.5. Logging to Syslog Hosts 60