We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

Attention

Barracuda CloudGen Firewall version 8.0 is a cloud-only version. It is currently not available for on-premises deployments and can only be deployed in Microsoft Azure, Amazon Web Services, or Google Cloud Platform public clouds.

Log File Handling

  • Last updated on

The log configuration specifies how the log daemon handles logfiles on the firewall or Control Center. Logs can be sent to the syslog service and/or written to the local or an external USB storage device. Log cycling specifies how long logfiles are kept and where they are stored.

Before You Begin

(optional) To use move to external storage as a log cycling action, you must prepare the USB storage device. For more information, see How to Prepare External USB Storage for Log File Storage.

Configure the Log Daemon

  1. Go to CONFIGURATION > Configuration Tree > Box >  Infrastructure Services > Log Configuration.
  2. Click Lock.
  3. Set the parameters for Generate Log Data and Store Log Data.
  4. Click Send Changes and Activate.

The following table displays how and where the log daemon saves logfiles, and when the parameters are set:

Generate Log Data Store Log Data Result
yes yes Logs are sent to the syslog service and written to disk.
yes no Logs are sent to the syslog service but not written to disk.
no yes Logs are neither sent to the syslog service nor written to disk. If you want to activate the writing of logfiles to disk only, you must set parameters Generate Log Data AND Store Log Data to yes and disable syslog streaming in the Infrastructure Services > Syslog Streaming configuration.
no no Logs are not streamed or saved to disk.

Configure Log Cycling

  1. Go to CONFIGURATION > Configuration Tree > Box > Advanced Configuration > Log Cycling.
  2. Click Lock.
  3. Set Verbose Logging:
    • yes – (default) The file name and action of the cycled logfiles are logged to the box/logs/logstor logfile. 
    • no – Cycled logfiles are not logged.
  4. To use external USB storage devices, set External Log File Storage to yes. For more information, see How to Prepare External USB Storage for Log File Storage.
  5. In the File Specific Settings table, click + to add a new entry for the logfile type.
  6. Enter the Name using only letters and numbers. Do not use dashes "-" or underscore "_".

  7. Click OK.
  8. Select the Type of Logfile:

    • all – All logfiles created.

    • box – Logfiles created by the box layer services.

    • boxfw – Logfiles of the host firewall.

    • fatal – Logfile containing entries from all fatal logfiles.

    • misc – Logfiles that are neither box or virtual server layer logfiles.

    • server – Logfiles created by services running on a virtual server.

    • user – Logfile containing entries related to specific users.

  9. (user log file types only) Enter Logfile Name Patterns. E.g., box_*.log or box_Config*.log

    The Logfile Name Patterns may not contain dash characters (-).

  10. Configure Log Cycling Actions. In the Actions table, add entries to configure the log maintenance policies. You can add the following types of actions:
    • remove – The minimum number of logfiles defined in Always Keep (File Instances) are kept regardless of the logfile age. Logfiles exceeding this limit and older than the Max Storage Time are deleted. 
      • Storage Time (days) – Enter the maximum number of days that the file can be kept before it must be moved.
      • Always Keep (File Instances) – Enter the number of logfiles that cannot be moved, regardless of the setting entered in the Storage Time (days) field.

    • purge – All logfiles older than the Max Storage Time are deleted.
      • Max Storage Time (days) – Enter the maximum number of days that the logfile can be kept.
    • move – Logfiles older than the Storage Time are moved to another directory.
      • Storage Dir – Enter the full path of the destination log directory.
      • Keep Log Structure – Select yes to preserve separation of log and laf files through using different subdirectories.
      • Compression – Select yes to gzip moved logfiles.
      • Storage Time (days) – Enter the maximum number of days that the file can be kept before it must be moved.
      • Always Keep (File Instances) – Enter the number of logfiles that cannot be moved, regardless of the setting entered in the Storage Time (days) field.

        You must manually monitor the Storage Dir directory. Delete or move old logfiles to prevent the disk from running out of space.

    • move to external storage – Logfiles older than the Storage Time are moved to the external USB storage device.

      • Storage Time (days) – Enter the maximum number of days that the file can be kept before it must be moved.

      • Always Keep (File Instances) – Enter the number of logfiles that cannot be moved, regardless of the setting entered in the Storage Time (days) field.

  11. Click OK.
  12. Click Send Changes and Activate.
Last updated on