Print Download Documentation Send Feedback

Previous

Next

Audit Logs

What can I do here?

Use this window to see the audit logs from all Security Gateways. The logs are stored on the Security Management Server and Log Servers.

Audit logs capture workflow operations for tracking and troubleshooting. Use them to track and analyze changes to the security and network environment.

Getting Here

Getting Here -
Logs & Monitor > Open Audit Log View

Understanding Logging

Security Gateways generate logs, and the Security Management Server generates audit logs. The Security Policy that is installed on each Security Gateway determines which rules generate logs.

Logs can be stored on a:

To find out how much storage is necessary for logging, see sk87263.

In a Multi-Domain Security Management environment, the Security Gateways send logs to the Domain Management Server or to dedicated Domain Log Servers. The Multi-Domain Server generates logs, and they can be stored on the Multi-Domain Server or on a dedicated Multi-Domain Log Server. To learn how to deploy logging in a Multi-Domain Security Management environment, see the R80 Multi-Domain Security Management Administration Guide.

To decrease the load on the Security Management Server, you can install a dedicated Log Server and configure the gateways to send their logs to this Log Server. To see the logs from all the Log Servers, connect to the Security Management Server with SmartConsole, and go to the Logs & Monitor view Logs tab.

A Log Server handles log management activities: