Cases for outputting binary logs from the USG2000 or USG5000 to the eLog system

9

Cases for outputting binary logs from the USG2000 or USG5000 to the eLog system
Configuration procedure:

1. Configure the system to output the session logs and application control logs to two eLog system in the binary format.

2. Configure ACL rules to enable the system to send sessions that comply with ACL rules to the eLog system.

Other related questions:
The method used to send logs from the USG2000 or USG5000 to the eLog system
The method used to send logs from the USG2000 or USG5000 to the eLog system is as follows: 1. Configure the IP address of the USG firewall, and add the interfaces to the security zone. 2. For USG series, configure interzone packet filtering to ensure normal network communication. 3. Adjust the time zone and time of the USG firewall to remain consistent with those on the log collector. 4. Adjust the time zone and time of the USG firewall to remain consistent with those on the log collector. 5. Enable the session log collection and sending functions. 6. Redirect logs in the information center to the log collector.

Case for outputting the USG2000 or USG5000 logs to the SNMP
The method used to output the USG2000 or USG5000 logs to the SNMP is as follows: 1. Enable the information center function on the USG firewall. 2. Configure the alarm information output channel and output module. 3. Configure the system to output alarms to the SNMP. 4. Configure the system to output alarms to the NMS.

Method used to output syslog logs of the USG2000, USG5000, or USG6000 to the log server
Method used to output syslog logs of the USG2000, USG5000, or USG6000 to the log server: Configuration procedure: 1. Enable the information center and allow the device to output logs through the information center. 2. Configure the source interface used to send logs. 3. Configure the log output channel to send logs of different modules to the specified log server. 4. Configure the log server to receive logs from the NGFW.

Method used to output session information of the USG2000 or USG5000 to the log server
The method used to output session information of the USG2000 or USG5000 to the log server is as follows: Log in to the web UI, choose Logs > Export to export all data.

Method used to output logs of the USG2000, USG5000, or USG6000 to the control console
Method used to output logs of the USG2000, USG5000, or USG6000 to the control console This configuration can enable the system to output debugging information to the control console. Context The system outputs debugging information to the control console using console information channel 0. The debugging information switch is set to On, and the verification level is set to debugging. Procedure: Configure the channel for outputting debugging information. On the device where the configuration information center resides, run the system-view command to enter the system view. Run the info-center source { module-name | default } channel { channel-number | channel-name } [ debug { state { off | on } | level severity } * ] command to add debugging information to the information channel. The system can output debugging information only when the information center is enabled. By default, the timestamp of the debugging information is in the boot format. Configure the system to output debugging information to the control console as follows: On the device where the configuration information center resides, run the system-view command to enter the system view. Run the info-center console channel { channel-number | channel-name } command to configure the system to output information to the CON control console. Configure the terminal display function: On the device where the configuration information center resides, run the terminal monitor command to enable the information display function of the terminal. By default, this function is enabled. The preceding command is valid only to the current terminal. Run the terminal debugging command to enable the terminal to display debugging information. Example In the system view, run the info-center source default channel 0 command to add debugging information to information channel 10. For [USG] info-center source default channel 0, run the info-center console channel 0 command to configure the system to output debugging information to CON0 control console. [USG] info-center console channel 0

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top