Viewing Rule Logs
You can search for the logs that are generated by a specific rule, from the Security Policy or from the Logs & Monitor > tab.
To see logs generated by a rule (from the Security Policy):
- In SmartConsole, go to the view.
- In the or , select a rule.
- In the bottom pane, click one of these tabs to see:
- - By default, shows the logs for the Current Rule. You can filter them by , , , , , , , ( is the default), , , or .
- (Access Control Policy only) - List of rule operations (Audit logs) related to the rule in chronological order, with the information about the rule type and the administrator that made the change.
To see logs generated by a rule (by Searching the Logs):
- In SmartConsole, go to the view.
- In the or , select a rule.
- Right-click the rule number and select .
- In the Logs & Monitor > tab, search for the logs in one of these ways:
- Paste the Rule UID into the query search bar and press Enter.
- For faster results, use this syntax in the query search bar:
layer_uuid_rule_uuid:*_<UID>
For example, paste this into the query search bar and press Enter:
layer_uuid_rule_uuid:*_46f0ee3b-026d-45b0-b7f0-5d71f6d8eb10
Policy Installation History
In the Installation History you can choose a Gateway, a date and time when the Policy was installed, and:
- See the revisions that were installed on the Gateway and who installed the Policy.
- See the changes that were installed and who made the changes.
- Revert to a specific version, and install the last "good" Policy.
To work with the Policy installation history:
- In SmartConsole, go to .
- From the or the , select .
- In the section, select a Gateway.
- In the section, select an installation date.
- To see the revisions that were installed and who made them:
Click .
To see the changes that were installed and who made them :
Click .
To revert to a specific version of the Policy:
Click .