Query of policy matching logs on the USG6000 series

By checking policy matching logs, you can learn traffic matching policies and determine whether security policies are correctly configured or achieve expected effects, to facilitate fault locating.

Context
Only the USG6000 supports policy matching logs, and such logs can be displayed only when a hard disk is installed.
For the USG6650/6660/6670/6680, the policy matching log page is displayed no matter whether hard disks are installed.
The firewall is deployed between the Internet and the network to be protected. If traffic matches a security policy, a policy matching log is generated.

Before querying policy matching logs, run the log type policy enable command on the firewall to enable the policy matching log function.
Choose Monitor > Log > Policy Matching Log to view information about policy matching logs.
Choose Customize and select/deselect conditions for the display of policy matching logs.
Click Export to export policy matching logs in CSV format to the management PC.

Scroll to top