Creating Log Receivers; Logging To Memorylogreceiver; Logging To Syslog Hosts - D-Link DFL-260E User Manual

2.2.3. Creating Log Receivers

By default, NetDefendOS sends all messages of level Info and above to configured log servers. The
Debug category is intended for troubleshooting only and should only be turned on if required when
trying to solve a problem. All log messages of all severity levels are found listed in the
NetDefendOS Log Reference Guide.
2.2.3. Creating Log Receivers
To distribute and log the event messages generated by NetDefendOS, it is necessary to define one or
more event receivers that specify what events to capture, and where to send them.
NetDefendOS can distribute event messages to different types of receivers and these are enabled by
creating any of the following Log Receiver objects.
• MemoryLogReceiver
NetDefendOS has a single built in logging mechanism also known as the MemLog. This retains
all event log messages in memory and allows direct viewing of recent log messages through the
Web Interface.
This is enabled by default but can be disabled.
This receiver
MemoryLogReceiver".
• Syslog Receiver
Syslog is the de-facto standard for logging events from network devices. If other network
devices are already logging to Syslog servers, using syslog with NetDefendOS messages can
simplify overall administration.
This receiver type is discussed further below in Section 2.2.5, "Logging to Syslog Hosts".

2.2.4. Logging to MemoryLogReceiver

The MemoryLogReceiver (also known as Memlog) is an optional NetDefendOS feature that allows
logging direct to memory in the NetDefend Firewall instead of sending messages to an external
server. These messages can be examined through the standard user interfaces.
Memory for Logging is Limited
Memlog memory available for new messages is limited to a fixed predetermined size. When the
allocated memory is filled up with log messages, the oldest messages are discarded to make room
for newer incoming messages. This means that MemLog holds a limited number of messages since
the last system initialization and once the buffer fills they will only be the most recent. This means
that when NetDefendOS is creating large numbers of messages in systems with, for example, large
numbers of VPN tunnels, the Memlog information becomes less meaningful since it reflects a
limited recent time period.
Disabling Memory Logging
The MemoryLogReceiver object exists by default in NetDefendOS. If this receiver is not required
then it can be deleted and this type of logging will be switched off.

2.2.5. Logging to Syslog Hosts

Overview
type is discussed further
58
Chapter 2. Management and Maintenance
below in Section 2.2.4, "Logging to