It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Campus Barracuda Campus
Barracuda CloudGen Firewall
Overview Documentation Training Certification Materials

Log File Handling

  • Last updated on

The log configuration specifies how the log daemon handles logfiles on the firewall or Control Center. Logs can be sent to the syslog service and/or written to the local or an external USB storage device. Log cycling specifies how long logfiles are kept and where they are stored.

Before You Begin

(optional) To use move to external storage as a log cycling action, you must prepare the USB storage device. For more information, see How to Prepare External USB Storage for Log File Storage.

Configure the Log Daemon

  1. Go to CONFIGURATION > Configuration Tree > Box >  Infrastructure Services > Log Configuration.
  2. Click Lock.
  3. Set the parameters for Generate Log Data and Store Log Data.
  4. Click Send Changes and Activate.

The following table displays how and where the log daemon saves logfiles, and when the parameters are set:

Generate Log DataStore Log DataResult
yesyesLogs are sent to the syslog service and written to disk.
yesnoLogs are sent to the syslog service but not written to disk.
noyesLogs are neither sent to the syslog service nor written to disk. If you want to activate the writing of logfiles to disk only, you must set parameters Generate Log Data AND Store Log Data to yes and disable syslog streaming in the Infrastructure Services > Syslog Streaming configuration.
nonoLogs are not streamed or saved to disk.

Configure Log Cycling

  1. Go to CONFIGURATION > Configuration Tree > Box > Advanced Configuration > Log Cycling.
  2. Click Lock.
  3. Set Verbose Logging:
    • yes – (default) The file name and action of the cycled log files are logged to the box/logs/logstor log file. 
    • no – Cycled logfiles are not logged.
  4. To use external USB storage devices, set External Log File Storage to yes. For more information, see How to Prepare External USB Storage for Log File Storage.
  5. In the File Specific Settings table, click + to add a new entry for the log file type.

  6. Enter the Name using only letters and numbers. Do not use dashes "-" or underscore "_".

  7. Click OK.

  8. Select the Type of Logfile:

    • all – All log files created.

    • box – Logfiles created by the box layer services.

    • boxfw – Log files of the host firewall.

    • fatal – Logfile containing entries from all fatal logfiles.

    • misc – Logfiles that are not box layer logfiles.

    • user – Logfile containing entries related to specific users.

  9. (user log file types only) Enter Logfile Name Patterns. E.g., box_*.log or box_Config*.log

    The Logfile Name Patterns may not contain dash characters (-).

  10. Configure Log Cycling Actions. In the Actions table, add entries to configure the log maintenance policies. You can add the following types of actions:
    • remove – The minimum number of logfiles defined in Always Keep (File Instances) are kept regardless of the logfile age. Log files exceeding this limit and older than the Max Storage Time are deleted. 
      • Storage Time (days) – Enter the maximum number of days that the file can be kept before it must be moved.

      • Always Keep (File Instances) – Enter the number of log files that cannot be moved, regardless of the setting entered in the Storage Time (days) field.

    • purge – All log files older than the Max Storage Time are deleted.

      • Max Storage Time (days) – Enter the maximum number of days that the log file can be kept.

        Note:
        The F18a model is limited to 3 days.
        After a new installation, the default value is 3 for the Revision B boxes.
        However, unlike for the F18a appliance, the value can be configured to be more than 60 days for the F12, the F18b, and the F80b models.
    • move – Logfiles older than the Storage Time are moved to another directory.
      • Storage Dir – Enter the full path of the destination log directory.
      • Keep Log Structure – Select yes to preserve the separation of log and laf files by using different subdirectories.
      • Compression – Select yes to gzip moved logfiles.
      • Storage Time (days) – Enter the maximum number of days that the file can be kept before it must be moved.

      • Always Keep (File Instances) – Enter the number of log files that cannot be moved, regardless of the setting entered in the Storage Time (days) field.

        You must manually monitor the Storage Dir directory. Delete or move old log files to prevent the disk from running out of space.

    • move to external storage – Logfiles older than the Storage Time are moved to the external USB storage device.

      • Storage Time (days) – Enter the maximum number of days that the file can be kept before it must be moved.

      • Always Keep (File Instances) – Enter the number of log files that cannot be moved, regardless of the setting entered in the Storage Time (days) field.

  11. Click OK.
  12. Click Send Changes and Activate.