Barracuda SecureEdge offers multiple audit and reporting functionalities to help you monitor activities throughout your network.
Audit Log
The Audit Log contains all administrative actions and displays the user and the public IP address of the user who performs an action. It can be accessed in the Audit Log tab of the Cloud UI https://se.barracudanetworks.com. Actions performed directly on the Local Web UI are logged with the username root. You can also download the entries as a CSV file.
Log Files
Barracuda SecureEdge appliances generate log files for the following system processes:
FW Activity Log
Threag Log
Web Log
SD-WAN Log
Log files are stored and are accessible directly on the appliance. To limit the size of a single log file, the appliance creates a new log file for each service every four hours. All log files are stored in plain text in the system's /var/phion/logs directory.
Format and Types
Log file entries are divided into the following segments:
Time – The time when an event has taken place. This indicator marks individual log entries.
Type – Shows the following types of the log files.
Warning – Uncritical log event (e.g., login to the system)
Error – Log event error (e.g., system calls or clock skew)
Fatal – System-critical log events.
Notice – Normal system log events.
Security – Security-relevant log events.
Panic – Marks critical log events compromising the system's functionality and stability.
TZ – Displays the UTC time zone offset compared to the local box time.
Message – Description of the log event.
Stream Log Files to Microsoft Azure
Log files can be easily streamed to a Log Analytics workspace in Microsoft Azure.
To stream log files to a Log Analytics workspace in Microsoft Azure, see How to Configure Log Streaming to Microsoft Azure Log Analytics Workspace.
To get started with Microsoft Log Analytics, see https://docs.microsoft.com/en-us/azure/azure-monitor/log-query/get-started-portal.
With Azure Monitor Agent, the machines streaming logs to a Log Analytics Workspace are no longer directly connected to it, but are associated to a Data Collection Rule instead. For more information, see How to Configure Log Streaming via Azure Monitor Agent in SecureEdge.
Syslog Streaming
The Barracuda SecureEdge Manager allows administrators to configure syslog streaming.
For more information, see How to Configure Syslog Streaming in SecureEdge.
Notifications
Barracuda SecureEdge allows you to create notifications for certain events. These notifications are sent to one or more specified email addresses. You can also download a list of notifications as a CSV file. For more information, see How to Create a Notification.
