D-Link DFL-700 Product Manual - Page 25

The D-Link DFL-700 specifies a number of events that can be logged. Some of these events, such as startup and shutdown, are mandatory and will always generate log entries. Other events, for instance when allowed connections are opened and closed, are configurable. It is also possible to have E-mail alerting for IDS/IDP events to up to three email addresses. Enable Logging Follow these steps to enable logging. Step 1. Enable SYSLog by checking the SYSLog box. Step 2. Fill in your first SYSLog server as SYSLog server 1. If you have two SYSLog servers, you have to fill in the second one as SYSLog server 2. You must fill in at least one SYSLog server for logging to work. Step 3. Specify what facility to use by selecting the appropriate SYSLog facility. Local0 is the default facility. Click the Apply button below to apply the settings or click Cancel to discard changes. Enable Audit Logging To start auditing all traffic through the firewall, follow the steps below. This is required when running third party log analyzers on the logs or to see how much traffic specific connections account for. Follow these steps to enable auditing. Enable SYSLog by checking the Enable Audit Logging box. Click the Apply button below to apply the settings or click Cancel to discard changes. Enable E-mail alerting for IDS/IDP events Follow these steps to enable E-mail alerting. Step 1. Enable E-mail alerting by checking the Enable E-mail alerting for IDS/IDP events checkbox. Step 2. Choose the sensitivity level. Step 3. In the SMTP Server field, fill in the SMTP server to which the DFL-700 will send the e-mail alerts. Step 4. Specify up to three valid email addresses to receive the e-mail alerts. Click the Apply button below to apply the settings or click Cancel to discard changes.