Table of Contents
Advertisement
URLs
Add the URL to a group: this option allows adding a URL to a group from a log file. As such,
URLs that have been identified as malicious or undesirable may, for example, be added to a
customized group that will be subject to URL filtering.
This option appears on fields that contain URLs (destination name). A window will appear,
enabling:
URLs to be added to an existing group. This group may correspond to a category of
l
prohibited URLs, for example.
Ports
Add the service to the objects base and/or add it to a group: this option allows creating a
service and/or adding it to a group from a log file. As such, services that have been identified as
vulnerable or undesirable may, for example, be added to a group of prohibited services in filter
rules.
This option appears on fields that contain port numbers or service names (source port,
destination port, , name of the source port, name of the destination port, etc). A window will
appear, enabling:
The object to be saved in the database if it is a port number,
l
Add it to an existing group. This group may correspond to a category of prohibited services.
l
Views
All logs
l
This view displays all logs: Administration, Alarms, Authentication, Network connections, Filter,
FTP proxy, IPSec VPN, Application Connections, POP3 proxy, SMTP proxy, SSL proxy, System
events, Vulnerabilities, HTTP proxy and SSL VPN.
If the user does not have admin privileges, the Administration log will not be taken into
account in this view.
Network traffic
l
This view displays Network connections, Filter, FTP proxy, Application connections, POP3
proxy, SMTP proxy, SSL proxy, HTTP proxy and SSL VPN logs.
Two predefined filters searching for IPv4 traffic and IPv6 traffic are offered.
Threats
l
This view displays the Alarms log according to certain categories; this log only displays logs that
do not belong to the filter alarm category.
Three predefined filters that search for Application (classification=1), Malware (classification=2)
or Protection (classification=0) vulnerabilities are offered.
Web
l
This view displays Network connections, Application connections, and HTTP proxy logs
according to certain categories:
The Network connections logs only display logs whose standard service corresponding to
l
the destination port is HTTP, HTTPS or HTTP_PROXY.
Page 28/448
NOTE
SNS - USER CONFIGURATION MANUAL V.3
sns-en-user_configuration_manual-v3 - Copyright © Stormshield 2016
AUDIT LOGS
- Quick Links:
- Administrator Management
Hide quick links:
Advertisement
Table of Contents
