Security

last person joined: 19 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Firewall live logging?

This thread has been viewed 4 times

  • 1.  Firewall live logging?

    Posted Dec 12, 2012 05:45 AM

    Is there anyway live logging of the firewall??

     

    I know im one rule away from fixing a problem.. and would be good if I could see a live log so I could possible identify exactly why something isnt working and right a rule accordingly...

     

    Cant seem to find anything the offers this level of granularity...

     

    Cheers



  • 2.  RE: Firewall live logging?

    EMPLOYEE
    Posted Dec 12, 2012 06:05 AM

    All there is, is "show datapath session table".  There is no live logging in the GUI.

     



  • 3.  RE: Firewall live logging?

    Posted Dec 12, 2012 07:36 AM

    You could also set the controller to send security logs to a syslog server or use the following command:

     

    sh log security all | inc "enter search criteria"



  • 4.  RE: Firewall live logging?

    Posted Dec 12, 2012 08:46 AM

    In the GUI, under monitoring > Controller > Firewall hits.

     

    Its very basic there but it may help along with both other suggestions.



  • 5.  RE: Firewall live logging?

    Posted Dec 14, 2012 04:51 PM

    you can also do an allow_all_log policy, enable logging on it, and syslog the security log

     

    the cli equivalent to the above is: show firewall hits