Wireless Access

last person joined: 14 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

If You Log a Firewall Drop, How Do You View the Log?

This thread has been viewed 14 times

  • 1.  If You Log a Firewall Drop, How Do You View the Log?

    Posted Nov 02, 2015 01:01 PM

    Capture.PNG

    Would someone please let me know how to view "logged" firewall rules?  See screenshot above.  Can this be viewed on the controller's command line (master or local?)?  Or can it only be viewed on a remote syslog server?  And if so, what facility will show me the dropped firewall hit and what section do I need to syslog?  Just Security > firewall?  Hope that makes sense.  I'm just trying to see if the rule got hit but would like a little more detail than "firewall hits".  thanks.



  • 2.  RE: If You Log a Firewall Drop, How Do You View the Log?

    EMPLOYEE
    Posted Nov 02, 2015 01:06 PM

    Try "show log security 100".



  • 3.  RE: If You Log a Firewall Drop, How Do You View the Log?

    Posted Nov 02, 2015 02:12 PM

    Thanks, that shows the "action=deny" with IPs and details but not the specific rule that triggered it (just the policy) but that's ok.  Thanks for your help.