McAfee MAP-3300-SWG Product Guide - Page 269
System Log Settings, Table 268, Option definitions
UPC - 731944547008
View all McAfee MAP-3300-SWG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 269 highlights
Overview of System features Logging, Alerting and SNMP Access control list Table 268 Option definitions Option Definition Access control list The appliance is set to allow SNMP queries from all devices. We recommend that you change the settings to allow access from known devices only. Specify the IP address numbers of the devices that can read the appliance's MIB parameters. System Log Settings Use this page to specify standard or extended system logging and the events to be recorded in the system log. You can also send logs to off-box servers. System | Logging, Alerting and SNMP | System Log Settings Syslog is a method for delivering log information across a network, usually via UDP port 514. The syslog protocol and message format are defined in RFC 3164. Extended logging creates a structured output log file using the syslog protocol. The extended logging option provides name-value pairs for each logged event. Table 269 Option definitions Option Enable system log events Definition Enables system logging (syslog) information to be collected and delivered to the on-appliance logging system, or sent to an off-box solution. Select the type of logging format that you want to use. This option creates an output log file that is structured so that it can be easily read by third-party applications and used to generate custom reports. Due to the amount of data generated, we recommend that this option is only enabled when using TCP syslog. Choose from: • Original • Splunk • Arcsight Log events to the syslog for the following event types: Conversation events and Aggregated data events are not reported in the extended logging format. Click View the system logs to see the log files on the appliance. Specify the events to capture within the syslog. To prevent very large log files, we recommend that you record only events that you want to monitor closely, and deselect the events when you have finished. The appliance cannot store the transport events produced by heavy traffic for long periods. We recommend that you use the off-box syslog option to forward the transport events to a central syslog server. McAfee Email and Web Security Appliances 5.6.0 Product Guide 269