Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Watchguard XTM 520 Log's

Posted on 2014-07-22
2
Medium Priority
?
967 Views
1 Endorsement
Last Modified: 2014-07-23
We have a Watchguard XTM 520 with spamBLOCKER and Gateway AV enabled for email traffic. Is there a way to view log files associated with these services inside the web manager?
1
Comment
Question by:jvillareal78
2 Comments
 
LVL 65

Accepted Solution

by:
btan earned 2000 total points
ID: 40213534
On the Firebox System Manager (FSM) Traffic Monitor tab, you see log messages from your XTM device as they occur. This include Subscription Services tab that has current Firebox or XTM device statistics about these subscription services such as the gateway AV and Spamblocker, if installed.
http://www.watchguard.com/help/docs/wsm/xtm_11/en-US/index.html#en-US/fsm/security_subscriptions_wsm.html%3FTocPath%3DMonitor%2520Your%2520Device%7CSubscription%2520Services%2520Statistics%25C2%25A0(Subscription%2520Services)%7C_____0

so far i do not see if native log type are pertaining to the details log of those services, but more of the statistic log that is mentioned above.  Ideally you should have a log server and configured to receive log e.g.  configure your Firebox or XTM device to generate log messages for events that occur at the device,

https://www.watchguard.com/help/docs/webui/xtm_11/en-US/index.html#en-US/logging/logging_to_log_server_about_web.html%3FTocPath%3DLogging%2520and%2520Notification%7C_____2
http://www.watchguard.com/help/docs/wsm/xtm_11/en-US/index.html#en-US/logging/set_up_logging_on_device_wsm.html

...  and view those log message from log server (via connect to WatchGuard WebCenter) onwards

http://www.watchguard.com/help/docs/wsm/xtm_11/en-US/index.html#cshid=en-US/logging/log_mgr_view_device_wsm.html

For example for SpamBlocker, if you want to send a log message each time spamBlocker takes an action, select the Send a log message check box for the action. If you do not want to record log messages for an action, clear this check box.

For example for Gateway AV, it can have Enable debug log messages (not really recommendation to be enabled) for diagnostic messages in times of Technical Support requesting them for troubleshooting.
0
 

Author Closing Comment

by:jvillareal78
ID: 40214621
That is what we were afraid of. Looks like we are setting up a syslog server.
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It’s time for spooky stories and consuming way too much sugar, including the many treats we’ve whipped for you in the world of tech. Check it out!
Tech spooks aren't just for those who are tech savvy, it also happens to those of us running a business. Check out the top tech spooks for business owners.
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

877 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question