Log Screens; View Log - ZyXEL Communications USG40 User Manual

The following table describes the labels in this screen.
Table 77 Monitor > UTM Statistics > SSL Inspection > Certificate Cache List
LABEL
Certificate Cache List
Add to Exclude list
#
In Exclude List
Time
Common Name
SNI
SSL Version
Destination
Valid Time
Refresh

7.26 Log Screens

Log messages are stored in two separate logs, one for regular log messages and one for debugging
messages. In the regular log, you can look at all the log messages by selecting All Logs, or you can
select a specific category of log messages (for example, security policy or user). You can also look
at the debugging log by selecting Debug Log. All debugging messages have the same priority.

7.26.1 View Log

To access this screen, click Monitor > Log. The log is displayed in the following screen.
Note: When a log reaches the maximum number of log messages, new log messages
automatically overwrite existing log messages, starting with the oldest existing log
message first.
• The maximum possible number of log messages in the ZyWALL/USG varies by model.
Events that generate an alert (as well as a log message) display in red. Regular logs display in
black. Click a column's heading cell to sort the table entries by that column's criteria. Click the
Chapter 7 Monitor
DESCRIPTION
Select and item in the list and click this icon to add the common name (CN) to the
Exclude List.
This field is a sequential value, and it is not associated with a specific entry.
If any one of common name, DNS name, email address or IP address of the
certificate is in the Exclude List, then traffic to the server identified by the
certificate is excluded from inspection.
The icons here are defined as follows:
• Gray: The identity of the certificate is not in the Exclude List
• Green: The common name of the certificate is in the Exclude List
• Yellow: The common name of certificate is not in the Exclude List but one of
the DNS name, email address or IP address is.
This is the latest date (yyyy-mm-dd) and time (hh-mm-ss) that the record in the
certificate cache list was met.
This displays the common name in the certificate of the SSL traffic destination
server.
Server Name Indication (SNI) is the domain name entered in the browser, FTP
client, etc. to begin the SSL session with the server. It allows multiple SSL
sessions to the same IP address and port number with different certificates from
different SNI. This field displays the SNI for this SSL session.
This field shows the SSL version. SSLv3/TLS1.0 is currently supported
This displays the IP address and port number of the SSL traffic destination server.
This displays the cache item expiry time in seconds. The cache item is deleted
when the remaining time expires.
Click this button to update the information in the screen.
ZyWALL/USG Series User's Guide
228