Query The Logs - NETGEAR UTM9S Reference Manual

To view the most recent entries, click Refresh. To delete all the existing log entries, click
Clear Log.

Query the Logs

The UTM generates logs that provide detailed information about malware threats and traffic
activities on the network. You can view these logs through the web management interface or
save the log records in CSV or HTML format and download them to a computer (the
downloading option is not available for all logs).
Note: For information about the quarantine logs, which are stored
externally, see
page 467.
WARNING!
When you reboot the UTM, the logs are lost. If you want to save
the logs, make sure that you configure the UTM to send the logs to
a syslog server. For information about how to do this, and also
about how to email logs, see
Email, and Syslog Logs
The UTM provides 13 types of logs:
• Traffic. All scanned incoming and outgoing traffic.
• Spam. All intercepted spam.
• System. The system event logs that you have specified on the Email and Syslog screen
(see Configure and Activate System, Email, and Syslog Logs
default, many more types of events are logged in the system logs.
• Service. All events that are related to the status of scanning and filtering services that you
access from the Application Security main navigation menu. These events include update
success messages, update failed messages, network connection errors, and so on.
• Malware. All intercepted viruses, spyware, and other malware threats.
• Email filters. All emails that are blocked because of file extension and keyword
violations.
• Content filters. All attempts to access blocked websites and URLs.
• IPS. All IPS events.
• Port scan. All port scan events.
• Application. All instant messaging, peer-to-peer and media application, and tool access
violations.
ProSecure Unified Threat Management (UTM) Appliance
Query the Quarantine Logs (UTM9S Only)
on page 423.
Monitoring System Access and Performance
Configure and Activate System,
460
on
on page 423). However, by