Specifying How Many Attacks Generate A Log - HP 7102dl - ProCurve Secure Router Configuration Manual
Procurve secure router 7000dl series - advanced management and configuration guide
Hide thumbs
Also See for 7102dl - ProCurve Secure Router:
- Reference manual (1455 pages) ,
- Product end-of-life disassembly instructions (2 pages) ,
- Advanced management and configuration manual (1005 pages)
Table of Contents
Advertisement
ProCurve Secure Router OS Firewall—Protecting the Internal, Trusted Network
Configuring Logging
N o t e
4-26
To examine the logs stored in the event history, enter the following command:
ProCurve# show event-history
Logs are marked with the date and time at which they occurred. They are also
labeled with the type of event. For example, the message can be about the
status of a line (E1) or interface (INTERFACE_STATUS). It can be a message
from a particular protocol, such as a PPP negotiation message or a DHCPACK
message.
Examining the event history will often help you to locate the source of a
problem, as well as monitor network activity to look for ways to reduce
overhead. When troubleshooting a specific problem, you should first clear the
event history:
ProCurve# clear event-history
You can then reproduce the problem and view the event history. Only logs
relevant to the problem will appear. If necessary, lower the priority level for
logging events and reproduce the problem again.
The enable mode command, events, is different than the global configuration
mode command, event-history on. The first displays events to the terminal
as they occur. The second saves these events to an event history, stored on
the router, which you can view at any time.
Specifying How Many Attacks Generate a Log
By default, the firewall generates a log after it blocks 100 attacks. This setting
is called the attack log threshold. (An attack log has an error priority.)
You can alter this threshold. Set the attack log threshold from the global
configuration mode context by entering:
Syntax: ip firewall attack-log threshold <number of attacks blocked>
You can set the threshold from 1 to 4,294,967,295.
For example, you might want to determine the times of day at which your
network receives the most attacks. Lowering the threshold lets you zero in
more precisely on when attacks actually occur. For example:
ProCurve(config)# ip attack-log firewall threshold 10
- Quick Links:
- Procurve Secure Router
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
