Network VirusWall Enforcer generates log entries after updates and when policies are matched. Use the logs to help you analyze network protection, troubleshoot, and manage security risks in your network. Network VirusWall Enforcer maintains several log types.
Note: During policy creation, you can choose to enable or disable the logging of policy violations.
|
Log |
Description |
|
Event log |
Network VirusWall Enforcer generates an entry in the event log every time it detects an event, such as a virus outbreak, or performs an action, such as a reset or a component update. If you register the device to Control Manager, it automatically sends event log entries to the Control Manager server. |
|
Network virus log |
Whenever Network VirusWall Enforcer detects a network virus, it creates a network virus log entry. If you register the device to Control Manager, it automatically sends network virus log entries to the Control Manager server. |
|
ARP spoofing log |
Whenever Network VirusWall Enforcer detects a malware associated with ARP spoofing, it generates an entry on the ARP spoofing log. Consult this log regularly to address any occurrences of this serious security breach. |
|
Threat mitigation log |
Whenever Network VirusWall Enforcer attempts to respond to a detection by Threat Discovery Appliance (TDA), it generates an entry in the threat mitigation logs. If you register the device to Control Manager, it automatically sends threat mitigation log entries to the Control Manager server. |
|
Endpoint history |
When Network VirusWall Enforcer matches a policy to an endpoint, it creates an endpoint history entry. If you register the device to Control Manager, you can configure the time interval for sending endpoint history entries to the Control Manager server. |