It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda SecureEdge

Logs and Monitoring

  • Last updated on

Barracuda SecureEdge offers multiple audit and reporting functionalities to help you monitor activities throughout your network.

Audit Log

The Audit Log contains all administrative actions and displays the user and the public IP address of the user who performs an action. It can be accessed in the Audit Log tab of the Cloud UI https://se.barracudanetworks.com. Actions performed directly on the Local Web UI are logged with the username root. You can also download the entries as a CSV file.

audit-log-9.0.png

Log Files 

Barracuda SecureEdge appliances generate log files for the following system processes:

  • FW Activity Log

  • Threag Log

  • Web Log

  • SD-WAN Log 

Log files are stored and are accessible directly on the appliance. To limit the size of a single log file, the appliance creates a new log file for each service every four hours. All log files are stored in plain text in the system's /var/phion/logs directory. 

Format and Types

Log file entries are divided into the following segments:

  • Time – The time when an event has taken place. This indicator marks individual log entries.

  • Type – Shows the following types of the log files.

    • Warning – Uncritical log event (e.g., login to the system)

    • Error – Log event error (e.g., system calls or clock skew)

    • Fatal – System-critical log events.

    • Notice – Normal system log events.

    • Security – Security-relevant log events.

    • Panic – Marks critical log events compromising the system's functionality and stability.

  • TZ – Displays the UTC time zone offset compared to the local box time.

  • Message – Description of the log event.  

Stream Log Files to Microsoft Azure

Log files can be easily streamed to a Log Analytics workspace in Microsoft Azure.  

azure-monitor.png

Firewall Activity Log

  • Action taken

  • Source IP

  • Source port

  • Destination IP

  • Destination port

Firewall Threat Log

  • Threat description

  • Action taken

  • Source IP

  • Destination IP

  • Destination port

  • Protocol

  • User name

VPN User Accounting Log

  • Event (login/logout)

  • Tunnel name

  • User name

  • Peer

  • Start time

  • End time

  • Duration

  • Bytes in

  • Bytes out

SDWan Data Log

  • Tunnel name

  • Host name

  • Transport state

  • Sample timestamp

  • Number of samples

  • Effective upstream bandwidth minimum

  • Effective upstream bandwidth average

  • Effective upstream bandwidth maximum

  • Effective downstream bandwidth minimum

  • Effective downstream bandwidth average

  • Effective downstream bandwidth maximum

  • Latency minimum

  • Latency average

  • Latency maximum

  • Usage standard upstream minimum

  • Usage standard upstream average

  • Usage standard upstream maximum

  • Usage standard downstream minimum

  • Usage standard downstream average

  • Usage standard downstream maximum

  • Usage non-delay upstream minimum

  • Usage non-delay upstream average

  • Usage non-delay upstream maximum

  • Usage non-delay downstream minimum

  • Usage non-delay downstream average

  • Usage non-delay downstream maximum

Barracuda Own Metrics

  • SSL VPN clients

  • Connections total

  • Connections new

  • Connections failed

  • Connections dropped

  • Connections blocked

  • Forwarding connections total

  • Forwarding connections new

  • Site-to-site VPN tunnels up

  • Site-to-site VPN tunnels down

  • Client-to-site VPN tunnels

  • Protected IPS

  • IPS hits

  • Packets total

  • Packets in

  • Packets out

  • Bytes total

  • Bytes in

  • Bytes out

  • Metered bytes total

  • Used memory

  • Free memory

  • Load

Generic Performance Metrics

  • Hard disk i/o measurements

  • RAM usage

  • Network interface statistics

  • CPU usage

  • File system usage

  • Temperature data

free_memory.png

Syslog Streaming

The Barracuda SecureEdge Manager allows administrators to configure syslog streaming.

syslog-streaming.png

For more information, see How to Configure Syslog Streaming in SecureEdge.

Notifications

Barracuda SecureEdge allows you to create notifications for certain events. These notifications are sent to one or more specified email addresses. You can also download a list of notifications as a CSV file. For more information, see How to Create a Notification.

notification-9.0.png

Further Information