Traffic logs and NAT logs cannot be seen on F1000 series firewalls

2023-03-23 23:52:14 Published

Network Topology

Device Model: SecPath F1000-AI-25

Software version: 7.1.064, Release 8860P18

Problem Description

On the web interface, under Monitor > Device Logs/Security Logs, there are no traffic logs or NAT logs.

Process Analysis

Check the configuration:

1. Log storage space has been allocated.

2. Session statistics collection is enabled.

3. The command-line configuration is as follows:

#

inspect activate

session statistics enable

session top-statistics enable

application statistics enable

inspect activate

webui log enable               // The device does not support this command

application global statistics enable // The device does not support this command. With all the other configuration in place, the traffic log still cannot be seen

#

dac log-collect service dpi traffic enable

dac log-collect service nat flow_log enable

#

4. The CPU and memory utilization of the device are normal.

 ===============display cpu=============== 

Slot 1 CPU 0 CPU usage:

       1% in last 5 seconds

       1% in last 1 minute

       1% in last 5 minute

  ===============display memory=============== 

Memory statistics are measured in KB:

Slot 1:

             Total      Used      Free    Shared   Buffers    Cached   FreeRatio

Mem:       3898624   2373808   1524816         0     13320    553432       42.7%

-/+ Buffers/Cache:   1807056   2091568

Swap:           0         0         0

Solution

After waiting for a period of time, the customer could see the traffic log but still could not see the NAT log. To display NAT logs on the web interface, userlog flow syslog must be enabled so that the flow logs are converted to system logs and sent to the information center. In addition, the new version requires dac log-collect service nat flow_log enable to turn on the NAT log switch.

However, if the volume of NAT logs on site is too large, it is recommended to send them to the log host instead (the web interface will then no longer display NAT logs). Refer to the following technical announcement:

Technical Announcement on the security part of the product a large number of logs sent to the information center may lead to abnormal operation of device problems
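
The configuration checks from this case can be run against a saved configuration file, which helps when NAT logs are needed later for tracing an address translation. The following Python is an added example, not H3C code; the grouping of commands per log type and the names REQUIRED, UNSUPPORTED, commands, missing and unsupported_present are assumptions drawn from the case text.

```python
import re

# Commands this case ties to each log type. The grouping is an assumption
# drawn from the case text, not a vendor-published checklist.
REQUIRED = {
    "traffic log": ["session statistics enable",
                    "dac log-collect service dpi traffic enable"],
    "NAT log on web": ["userlog flow syslog",
                       "dac log-collect service nat flow_log enable"],
}
# Commands the case annotates as not supported on this device.
UNSUPPORTED = ["webui log enable", "application global statistics enable"]

def commands(config_text):
    """Configured lines, minus '#' separators and trailing '//' annotations."""
    found = set()
    for raw in config_text.splitlines():
        # Strip an annotation only at line start or after whitespace, so a
        # value such as a URL containing '//' is left intact.
        line = " ".join(re.sub(r"(^|\s)//.*$", "", raw).split())
        if line and line != "#":
            found.add(line)
    return found

def missing(config_text):
    """Map each log type to the required commands absent from the config."""
    have = commands(config_text)
    return {log: [c for c in cmds if c not in have]
            for log, cmds in REQUIRED.items()}

def unsupported_present(config_text):
    """Commands in the config that the case marks as unsupported."""
    return [c for c in UNSUPPORTED if c in commands(config_text)]

# Constructed sample, modelled on the configuration listed in this case.
SAMPLE = """#
session statistics enable
webui log enable               //This configuration device does not support
application global statistics enable //not supported
#
dac log-collect service dpi traffic enable
dac log-collect service nat flow_log enable
#
"""

if __name__ == "__main__":
    print(missing(SAMPLE), unsupported_present(SAMPLE))
```

An empty list for a log type means every command the case associates with it is present; the traffic log may still take some time to appear, as it did here.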
