WSM User Guide - WatchGuard Technologies
WSM User Guide - WatchGuard Technologies WSM User Guide - WatchGuard Technologies
Setting up the Firebox for a Designated Log Server2 Click Configure. Click Add.The Add Event Processor dialog box appears.3 In the Log Server Address box, type the IP address of the Log Server you want to use.4 In the Encryption Key and Confirm boxes, type the Log Server encryption key. The allowed rangefor the encryption key is 8–32 characters. You can use all characters but spaces and slashes (/ or \).5 Click OK. Click OK to close the Configure Log Servers dialog box. Click OK to close the LoggingSetup dialog box.6 Save the changes to the Firebox to begin logging.You can verify that the Firebox is logging correctly. From WSM, select Tools > Firebox System Manager.In the Detail section on the left, next to Log Server, you should see the IP address of the log host.Setting Log Server priorityIf the Firebox cannot connect to the Log Server with the highest priority, it connects to the subsequentLog Server in the priority list. If the Firebox examines each Log Server in the list and cannot connect, ittries to connect to the first Log Server in the list again. You can create a priority list for Log Servers.1 From Policy Manager, select Setup > Logging.The Logging Setup dialog box appears.2 Click Configure.The Configure Log Servers dialog box appears.3 Select a Log Server from the list in the Configure Log Servers dialog box. Use the Up and Downbuttons to change the order.Activating syslog loggingSyslog is a log interface developed for UNIX but also used by a number of computer systems. You canconfigure the Firebox to send log information to a syslog server. A Firebox can send log messages to aLog Server and a syslog server at the same time, or send log messages to one or the other. Syslog logmessages are not encrypted. We recommend that you do not select a host on the external interface.1 From Policy Manager, select Setup > Logging.The Logging Setup dialog box appears.2 Select the Send Log Messages to the Syslog server at this IP address check box.3 In the address box, type the IP address of the syslog server.4 Click Configure.The Configure Syslog dialog box appears.84 WatchGuard System Manager
Setting up the Firebox for a Designated Log Server5 For each type of log message, select the syslog facility to which you want it assigned. Forinformation on types of log messages, see “Types of Log Messages” on page 90.The syslog facility refers to one of the fields in the syslog packet and to the file the syslog is sent to. You can useLocal0 for high priority syslog messages, such as alarms. You can use Local1- Local 7 to assign priorities for othertypes of log messages (with lower numbers having greater priority). See your syslog documentation for moreinformation on logging facilities.6 Click OK. Click OK to close the Logging Setup dialog box.7 Save your changes to the Firebox.Enabling advanced diagnosticsYou can select the level of diagnostic logging to write to your log file or to Traffic Monitor. We do not recommendthat you set the logging level to the highest level unless a technical support representativetells you to in order to troubleshoot a problem. It can cause the log file to fill up very quickly. It can alsomake an high load on the Firebox.1 From Policy Manager, select Setup > Logging.The Logging Setup dialog box appears.User Guide 85
- Page 52 and 53: Seeing Basic Firebox and Network St
- Page 54 and 55: Seeing Basic Firebox and Network St
- Page 56 and 57: Monitoring Firebox TrafficMonitorin
- Page 58 and 59: Clearing the ARP CacheLearning more
- Page 60 and 61: Using the Performance Console2 From
- Page 62 and 63: Using the Performance ConsoleWorkin
- Page 64 and 65: Viewing Number of Connections by Po
- Page 66 and 67: Viewing Information About Firebox S
- Page 68 and 69: Viewing Information About Firebox S
- Page 70 and 71: Viewing Information About Firebox S
- Page 72 and 73: Using HostWatchWhile the top part o
- Page 74 and 75: Using HostWatchPausing the HostWatc
- Page 76 and 77: Working with Licenses3 Below Option
- Page 78 and 79: Working with Licenses2 Expand Licen
- Page 80 and 81: Setting a Friendly Name and Time Zo
- Page 82 and 83: Changing the Firebox Passphrases10
- Page 84 and 85: Recovering a FireboxTo manually res
- Page 86 and 87: Recovering a Firebox68 WatchGuard S
- Page 88 and 89: Opening a Configuration Fileto a se
- Page 90 and 91: About Firebox Backup ImagesSaving a
- Page 92 and 93: Working with AliasesAlias names are
- Page 94 and 95: Using Global SettingsEnable TOS for
- Page 96 and 97: Managing a Firebox from a Remote Lo
- Page 98 and 99: Managing a Firebox from a Remote Lo
- Page 100 and 101: Setting Up the Log ServerSetting Up
- Page 104 and 105: Setting Global Logging and Notifica
- Page 106 and 107: Setting Global Logging and Notifica
- Page 108 and 109: Types of Log MessagesTypes of Log M
- Page 110 and 111: LogViewer SettingsLogViewer Setting
- Page 112 and 113: Using LogViewerSearching in LogView
- Page 114 and 115: Using LogViewerTo convert a log fil
- Page 116 and 117: Changing Firebox Interface IP Addre
- Page 118 and 119: Changing Firebox Interface IP Addre
- Page 120 and 121: About Multiple WAN Support3 Under H
- Page 122 and 123: About Multiple WAN SupportConfiguri
- Page 124 and 125: Adding Secondary NetworksIf your Fi
- Page 126 and 127: Configuring Dynamic DNSMake sure th
- Page 128 and 129: Configuring RoutesFor more informat
- Page 130 and 131: Configuring Related Hostsfor that I
- Page 132 and 133: Using Dynamic NATUsing Dynamic NATD
- Page 134 and 135: Using 1-to-1 NAT4 Click OK. Save th
- Page 136 and 137: Using 1-to-1 NATa VPN tunnel is con
- Page 138 and 139: Configuring Static NAT for a Policy
- Page 140 and 141: How User Authentication Worksvent a
- Page 142 and 143: Configuring the Firebox as an Authe
- Page 144 and 145: Configuring the Firebox as an Authe
- Page 146 and 147: Configuring SecurID Authentication6
- Page 148 and 149: Configuring LDAP Authentication3 In
- Page 150 and 151: Configuring a Policy with User Auth
Setting up the Firebox for a Designated Log Server5 For each type of log message, select the syslog facility to which you want it assigned. Forinformation on types of log messages, see “Types of Log Messages” on page 90.The syslog facility refers to one of the fields in the syslog packet and to the file the syslog is sent to. You can useLocal0 for high priority syslog messages, such as alarms. You can use Local1- Local 7 to assign priorities for othertypes of log messages (with lower numbers having greater priority). See your syslog documentation for moreinformation on logging facilities.6 Click OK. Click OK to close the Logging Setup dialog box.7 Save your changes to the Firebox.Enabling advanced diagnosticsYou can select the level of diagnostic logging to write to your log file or to Traffic Monitor. We do not recommendthat you set the logging level to the highest level unless a technical support representativetells you to in order to troubleshoot a problem. It can cause the log file to fill up very quickly. It can alsomake an high load on the Firebox.1 From Policy Manager, select Setup > Logging.The Logging Setup dialog box appears.<strong>User</strong> <strong>Guide</strong> 85