Event Log

ScreenOS provides an Event Log for monitoring system events on the NetScreen device. You can use the Event Log to view system events and gather information about hardware or software problems. The Event Log categorizes system events by severity level.

The Event Log severity levels are as follows:

Alarm Level

EMERGENCY: Identifies critical attacks such as SYN attacks, Tear Drop attacks, and Ping of Death attacks. For more information on these types of attacks, see Screen Options.

ALERT: Identifies problems such as multiple user authentication failures and other attacks not included in the emergency category. For more information on various types of attacks, see Screen Options.

CRITICAL: Identifies events such as URL blocks, traffic alarms, high availability (HA) status changes, and global communications.

Event Level

ERROR: Generates messages for admin name and password changes.

WARNING: Generates messages for admin logins and logouts, failures to log in and log out, and user authentication failures, successes, and timeouts.

NOTIFICATION: Generates messages for link status changes, load balancing server status changes, and traffic logs.

INFORMATION: Generates any kind of message not specified in other categories.

DEBUGGING: Generates all debugging messages. (See "Debug" commands in the NetScreen CLI Reference Guide.)

The event log displays the following information for each event:

Date/Time: Indicates the date and time of the system event.

Level: Indicates the severity level of the system event.

Description: Describes the system events or changes and, if applicable, the source of the events.

You can save the Event Log to your local hard drive or to a directory on your local area network for later viewing and analysis.

Viewing the Event Log

  1. Select the number of log messages per page you want to view from the List per page drop-down menu.

  2. Select the page number you want to view from the Go to page drop-down menu, or click the arrow buttons to scroll backwards or forwards through the Event Log one page at a time.

  3. Click Clear to clear all messages from the Event Log.

  4. To filter log messages so that you see only messages of a certain severity level, select the level from the Log Level drop-down menu.

  5. To find log messages by their descriptions, type the description in the Search box and click Search.

  6. Click Refresh to update the Event Log with the most recent system events.

Note: You can also view system events through Syslog or WebTrends. For more information, see Syslog Report Settings or WebTrends Report Settings.

To Save the Event Log to Another Location

  1. Click Save.

The File Download dialog box appears and prompts you to open the file or save it to your computer.

  2. Click Save.

The Save As dialog box appears.

  3. Navigate to the location where you want to save the event log file, and then click Save.

To view the event log file, you can use an ASCII text editor (such as Notepad or WordPad).
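
For later analysis of a saved event log file, the following added example (not part of the ScreenOS documentation) filters entries by the severity order listed above and counts them by Alarm Level and Event Level group. The line layout (date, time, level name spelled as on this page, description) and the sample entries are assumptions constructed for illustration; adjust the pattern to the layout of your saved file.

```python
import re
from collections import Counter

# Severity order as listed on this page, most severe first.
LEVELS = ["EMERGENCY", "ALERT", "CRITICAL", "ERROR",
          "WARNING", "NOTIFICATION", "INFORMATION", "DEBUGGING"]
RANK = {name: i for i, name in enumerate(LEVELS)}
ALARM_LEVELS = set(LEVELS[:3])  # the page's "Alarm Level" group

# Assumed line layout: "<date> <time> <LEVEL> <description>".
LINE_RE = re.compile(r"^(\S+ \S+)\s+([A-Za-z]+)\s+(.*\S)\s*$")

# Constructed sample, not output from a real device.
SAMPLE_LOG = """\
2024-03-01 09:14:02 WARNING Admin user "ops1" login failed from 192.0.2.10
2024-03-01 09:14:40 ALERT Multiple user authentication failures from 192.0.2.10
2024-03-01 09:15:11 NOTIFICATION Link status changed on interface ethernet1
2024-03-01 09:16:03 EMERGENCY SYN attack detected from 198.51.100.7
2024-03-01 09:17:45 ERROR Admin password changed for "ops1"
this line does not match the assumed layout
"""

def parse_events(text):
    """Return (events, skipped): parsed dicts and lines that did not parse."""
    events, skipped = [], []
    for line in filter(str.strip, text.splitlines()):  # ignore blank lines
        m = LINE_RE.match(line)
        level = m.group(2).upper() if m else None
        if level not in RANK:
            skipped.append(line)  # keep unparsed lines for manual review
            continue
        events.append({"when": m.group(1), "level": level,
                       "description": m.group(3)})
    return events, skipped

def at_or_above(events, threshold):
    """Events whose severity is the threshold level or more severe."""
    limit = RANK[threshold.upper()]
    return [e for e in events if RANK[e["level"]] <= limit]

def group_counts(events):
    """Count events in the page's Alarm Level and Event Level groups."""
    return Counter("alarm" if e["level"] in ALARM_LEVELS else "event"
                   for e in events)

if __name__ == "__main__":
    events, skipped = parse_events(SAMPLE_LOG)
    print(at_or_above(events, "ERROR"), dict(group_counts(events)), len(skipped))
```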
