Log Events Reference Guide
Copyright© 2016 Dell Inc. All rights reserved.
This product is protected by U.S. and international copyright and intellectual property laws. Dell™, the Dell logo, and
SonicWALL are trademarks of Dell Inc. in the United States and/or other jurisdictions. All other marks and names mentioned
herein may be trademarks of their respective companies.
Legend
CAUTION: A CAUTION icon indicates potential damage to hardware or loss of data if instructions are not followed.
WARNING: A WARNING icon indicates a potential for property damage, personal injury, or death.
IMPORTANT NOTE, NOTE, TIP, MOBILE, or VIDEO: An information icon indicates supporting information.
Syslog events
  Log > Syslog
  Index of Syslog tag field descriptions
  Examples of standard Syslog messages
  Examples of ArcSight Syslog messages
  Legacy categories
  Expanded categories
  Priority levels
About Dell
Legacy categories
This section can be used as a reference for understanding different categories and their descriptions. The
following table describes the Legacy categories shared in all SonicOS releases.
Expanded categories
The following table displays expanded category information, also known as the SonicOS category, for all
firmware releases and platforms.
Category                  Description
802.11 Management         Logs 802.11 management activity
Advanced Routing          Logs Advanced Routing activity
Advanced Switching        Logs Advanced Switching activity
Anti-Spam Service         Logs the Anti-Spam service
App Flow Server           Logs App Flow Server activity
App Rules                 Logs App Rules activity
Application Control       Logs Application Control activity
Attacks                   Logs messages showing Denial of Service attacks, such as SYN Flood, Ping of Death, and IP Spoofing.
Authenticated Access      Logs Authenticated Access activity
WAN Acceleration          Logs the WAN Acceleration activity
Blocked Java Etc          Logs Java, ActiveX, and Cookies blocked
Blocked WebSites          Logs Websites blocked
BOOTP                     Logs Bootstrap Protocol (BOOTP) activity
Botnet Blocking           Logs the Botnet Blocking activity
SSO Agent Authentication  Logs the SSO Agent Authentication activity
Crypto Test               Logs Crypto Test activity
DDNS                      Logs Dynamic Domain Name System (DDNS) activity
Denied LAN IP             Logs LAN IP denied activity
DHCP Client               Logs DHCP Client activity
DHCP Relay                Logs DHCP Relay activity
DHCP Server               Logs DHCP Server activity
DPI-SSL                   Logs the Deep Packet Inspection of Secure Socket Layer (DPI-SSL) activity
Dropped ICMP              Logs blocked incoming Internet Control Message Protocol (ICMP) packet activity
Dropped TCP               Logs blocked incoming Transmission Control Protocol (TCP) connection activity
Dropped UDP               Logs blocked incoming User Datagram Protocol (UDP) packet activity
DSL                       Logs DSL activity
Dynamic Address Objects   Logs Dynamic Address Object activity
E1-T1                     Logs E1-T1 activity
Firewall Event            Logs Firewall Event alerts and activity
Firewall Hardware         Logs Firewall Hardware alerts and activity
Firewall Logging          Logs other Firewall-related activity
Firewall Rule             Logs Firewall Rule alerts and activity
FTP                       Logs File Transfer Protocol (FTP) activity
Geolocation               Logs the Geolocation service activity
GMS                       Logs Dell SonicWALL Global Management System (GMS) activity
High Availability         Logs High Availability activity
Intrusion Prevention      Logs Intrusion Prevention activity
IPComp                    Logs IP Compression (IPComp) activity
IPNet                     Logs IPNet activity
IPv6 Tunnel               Logs IPv6 activity
L2TP Client               Logs Layer 2 Tunnel Protocol (L2TP) client activity
L2TP Server               Logs Layer 2 Tunnel Protocol (L2TP) server activity
MAC-IP Anti-Spoof         Logs the MAC-IP Spoofing activity
Modem                     Logs the Modem activity
Modem Debug               Logs the Modem Debug activity
MSAD                      Logs Microsoft Active Directory (MSAD) activity
Multicast                 Logs Multicast activity
Network                   Logs Network activity
Network Debug             Logs NetBios broadcasts, ARP resolution problems, and NAT resolution problems
Network Access            Logs successful and unsuccessful Network Access activity
Network Monitor           Logs Network Monitor activity
Network Traffic           Logs Network Traffic activity
PPP                       Logs Point-to-Point (PPP) activity
PPP Dial-Up               Logs Point-to-Point (PPP) Dial-Up activity
PPPoE                     Logs Point-to-Point Protocol over Ethernet (PPPoE) activity
PPTP                      Logs Point-to-Point Tunneling Protocol (PPTP) activity
Remote Authentication     Logs Remote Authentication activity
RBL                       Logs Realtime Blacklist (RBL) activity
RF Monitoring             Logs RF Monitoring activity
Security Services         Logs Security Services activity
SNMP                      Logs the Simple Network Management Protocol (SNMP) activity
SonicPoint                Logs the SonicPoint activity
SonicPointN               Logs the SonicPointN activity
SSLVPN                    Logs Secure Socket Layer Virtual Private Network (SSLVPN) activity
System Environment        Logs System Environment activity
System Errors             Logs System Errors activity
System Maintenance        Logs System Maintenance activity
User Activity             Logs successful and unsuccessful log in attempts
VOIP                      Logs Voice over IP (VOIP) activity
VPN                       Logs Virtual Private Network (VPN) activity
VPN Tunnel Status         Logs VPN Tunnel Status activity
VPN Client                Logs VPN Client activity
VPN IKE                   Logs VPN IKE activity
VPN IPSec                 Logs VPN IP Security activity
WAN Availability          Logs WAN Availability activity
Wireless                  Logs Wireless activity
WLAN IDS                  Logs Wireless LAN Intrusion Detection System (IDS) activity
Priority levels
The following table displays the Priority Number and Name for Syslog Tags. The value here is taken from the
“Priority Level” column of the Index of Log Event Messages on page 6, or the “pri” tag in Index of Syslog tag field
descriptions on page 47. For example, a tag with “pri=0” means Emergency Priority.
Dell listens to customers and delivers worldwide innovative technology, business solutions, and services they
trust and value. For more information, visit http://www.software.dell.com.
Contacting Dell
For sales or other inquiries, visit http://software.dell.com/company/contact-us.aspx or call 1-949-754-8000.