Symantec 360R Administration Guide - Page 121

Logging, monitoring and updates 121 Managing logging Using Syslog Sending log messages to a Syslog server lets you store log messages for long term. A Syslog server listens for log entries forwarded by the appliance and stores all log information for future analysis. The Syslog server can be on the LAN or WAN, or behind a VPN tunnel. Note: The date and time on messages in the Syslog server are the time they arrived at the Syslog server, and not the time that the appliance logged the event that triggered the log message. To use Syslog See "Log Settings tab field descriptions" on page 155. 1 In the SGMI, in the left pane, click Logging/Monitoring. 2 In the right pane, on the Log Settings tab, under Syslog, in the Syslog Server text box, type the IP address of a host running a standard Syslog utility to receive the log file. 3 Click Save. Configuring and verifying SNMP The appliance supports Simple Network Management Protocol (SNMP) version 1.0 and generates network event alert messages, copies them into an SNMP TRAP or GET with the associated community name, and then sends them to registered SNMP servers. This capability lets the appliance report status information to network-wide SNMP-based management applications. The appliance generates SNMP messages for the following events: ■ Cold start-up of the appliance ■ SGMI authentication failure ■ Ethernet WAN ports up and down ■ No trap when WAN ports comes alive as part of system startup ■ WAN disconnect ■ WAN coming back after a previous disconnect ■ Serial WAN port (PPPoE or Analog) ■ WAN Link up (connected) ■ WAN Link down (disconnected) A GET is a request from the SNMP server for status information from the Symantec Gateway Security 300 Series appliance. The appliance supports all