We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you two Citrix podcasts. Learn about 2020 trends and get answers to your biggest Citrix questions!Listen Now

x

Trying to View old logs from WatchGuard Firebox 1000

nyrguy45
nyrguy45 asked
on
Medium Priority
1,770 Views
Last Modified: 2013-11-16
Good Day all,

I am trying to view logs from earlier in the morning, but the logs only go within the last hour or two.  Is there anyway on this box to view logs from earlier in the day?
Comment
Watch Question

CERTIFIED EXPERT
Top Expert 2007

Commented:
You have option to open Logs once you are connected to log server.

Which version of watchguard software are you running.

Please advice.

Thank you.

Author

Commented:
Sorry it took so long to respond back.....I have been out of touch.

We have a Watchguard Firebox 1000 software version 7.21 B1596

Thanks Folks
CERTIFIED EXPERT
Top Expert 2007
Commented:
To view old logs in WG logging must be configured; easiest way to check if that is the case, in traffic monitor check the date/time of the logs if they are correct then you do have logging configured; if not; then sorry but we have lost old logs but we can configure log server for furture reference.

Next once you decide you wish to keep logs; you must decide on an internal machine on which the logs would be dumped. It would be preferable to have a server with some storage space.
You might use the same machine where the Watchguard management software is installed or you might use some other machine.
On the designated log server, install the WG software and make sure to select log option; then you would have or already might have a service running on the management software by name Watchguard Security Event Processor [WSEP - little red box on system tray]; if yes then edit the service and here you can configure the log encryption key.
Please remember this key, we would go in Policy Manager->Setup->logging; Add; under IP address specify the IP address of log server, and in the log encryption key put the same key.

Save to firebox; your firebox time would now sync with your log server; also you would be able to view the log files.

Thank you.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts

Author

Commented:
Thanks for you help that worked out great
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.