Introduction to Log Management

Log management covers system operation logs, device logs, syslog interworking logs, syslog receive configuration, and a syslog encryption configuration example.

System Operation Log

System operation logs record various operations of the administrator in the ATIC. All operations that affect the database and are initiated by the administrator are logged. Such operations as view, query, and update that do not affect the database are not logged.

The administrator can perform the following operations on system operation logs:
  • View system operation logs and filter them based on the log level, administrator, log type, operation result, and log generation time.

    System operation logs provide visibility into operations of the administrator.

  • Export system operation logs and save them to a specified local path.

  • Periodically dump operation logs.

    • In the Windows operating system, the logs recorded in the database are stored in the D:\Runtime\LegoRuntime\datastorage\sysoptlog path on the ATIC server. You can download the dumped operation logs on the client and view them locally. In addition, you can delete the logs that are no longer needed from the ATIC server, reducing the recording times of the database and ensuring sufficient database space.
    • In the Linux operating system, the logs recorded in the database are stored in the software-installation-path/components/atic/LegoRuntime/datastorage/sysoptlog path on the ATIC server. You can download the dumped operation logs on the client and view them locally. In addition, you can delete the logs that are no longer needed from the ATIC server, reducing the recording times of the database and ensuring sufficient database space.

The default administrator admin has all permissions. Common administrators who are assigned the view, export, or dumping permissions can view, export, or dump only their own operation logs. Common administrators who have no view, export, or dumping permissions cannot view, export, or dump any operation logs.

The operation log level identifies the criticality of a log. The operation log level can be danger, minor, warning, or info from the most critical to the least critical. Table 1 defines the different levels of logs.

Table 1 Log levels

  Level     Definition
  Danger    Refers to operations that make the whole system or function modules faulty or unavailable.
  Warning   Refers to normal operations that are performed in the system or on function modules.
  Minor     Refers to operations that may cause data inconsistency in the system or on function modules.
  Info      Refers to operations that are performed to access data in the system or on function modules.

Device Logs

Device logs record information about all command lines delivered by the AntiDDoS.

Syslog Interworking Log

Syslog interworking logs record information about the logs that the Netflow device sends to the ATIC.

Syslog Receive Configuration

Configure syslog receiving.

Syslog Encryption Configuration Example

The overall configuration procedure of syslog encryption


Copyright © Huawei Technologies Co., Ltd.