Monitor System Access and Performance
510
ProSecure Unified Threat Management (UTM) Appliance
2. Enter the settings as explained in the following table:
Table 134. Logs Query screen settings
Setting Description
Log Type Select one of the following log types from the drop-down list:
• Traffic. All scanned incoming and outgoing traffic.
• Spam. All intercepted spam.
• System. The system event logs that you have specified on the Email and
Syslog screen (see Configure and Activate System, Email, and Syslog Logs
on page 467). However, by default, many more types of events are logged in
the system logs. Note that you cannot specify further search criteria on the
Log Query screen, that is, when you select System from the drop-down list,
the System Logs screen displays.
• Service Logs. All events that are related to the status of scanning and
filtering services that you access from the Application Security main
navigation menu. These events include update success messages, update
failed messages, network connection errors, and so on.
• Malware. All intercepted viruses, spyware, and other malware threats.
• Email filters. All emails that are blocked because of file extension and
keyword violations.
• Content filters. All attempts to access blocked websites and URLs.
• IPS. All IPS events.
• Anomaly Behavior. All port scan and DDoS events.
• Application. All instant messaging, peer-to-peer and media application, and
tools access violations.
• Firewall. The firewall logs that you have specified on the Firewall Logs screen
(see Configure and Activate Firewall Logs on page 476). Note that you cannot
specify further search criteria on the Log Query screen, that is, when you
select Firewall from the drop-down list, the Firewall Logs screen displays.
• IPSEC VPN. All IPSec VPN events. Note that you cannot specify further
search criteria on the Log Query screen, that is, when you select IPSEC VPN
from the drop-down list, the IPSec VPN Logs screen displays.
• SSL VPN. All SSL VPN events. Note that you cannot specify further search
criteria on the Log Query screen, that is, when you select SSL VPN from the
drop-down list, the SSL VPN Logs screen displays.
• HTTPS Smart Block. All attempts to access domains that are blocked as part
of an active HTTPS Smart Block logs profile (see Configure HTTPS Smart
Block on page 212).