Enable logging of endpoint information
Logging of endpoint information allows you to view endpoint client information and users in log data and Report elements.
By default, endpoint information is logged when it is used for matching in the Access rules. You can optionally set endpoint information to be logged whenever it is received.
For more details about the product and how to configure features, click Help or press F1.
Steps
Logging - Select Rule Options dialog box
Use this dialog box to define Access rule logging options.
Option | Definition |
---|---|
Override Settings Inherited from Continue Rule(s) | When selected, overrides settings defined in Continue rules higher up in the policy. |
Log Level | Select one of these options:
|
Alert | When the Log Level is set to Alert, specifies the Alert that is sent. |
Severity | When the Log Level is set to Alert, allows you to override the severity defined in the Alert element. |
Connection Closing | Select one of these options:
|
Compress Logs | When enabled, creates a single log entry that contains information about the total number of the generated log entries when the limits defined in the Max Log
Rate or Max Burst Size are reached. After the single log entry is created, logging returns to normal and all generated entries are logged and shown separately.
|
Max Log Rate | The maximum number of separately logged entries per second. |
Max Burst Size | The maximum number of separately logged entries. |
Override Settings Inherited from Continue Rule(s) | When selected, overrides settings defined in Continue rules higher up in the policy. |
Log User Information |
|
Log Network Applications |
Other TLS traffic is decrypted only if an Access rule enables decryption and there is no TLS Match with the Deny Decrypting option that excludes the traffic from TLS Inspection. |
Log URL Categories | Enables the logging of the URL categories that the traffic matches.
|
Log Endpoint Information |
Enables the logging of endpoint information.
|
Store Additional Protocol Details | When selected, traffic is sent to be inspected. Some additional log data might be generated. |