17.1. Logs

UserGate logs all events that occur during its operation. It uses the following logs:

  • Events: events related to changes in UserGate server settings, user and administrator authentication, updates to various lists, etc.

  • Web access: detailed log of all web requests handled by UserGate.

  • Traffic: a detailed log of all triggered firewall, NAT, DNAT, port forwarding, and policy-based routing rules. These events are logged only if logging is enabled in the relevant firewall, NAT, DNAT, port forwarding, or policy-based routing rules.

  • IDPS: events logged by the intrusion detection and prevention system.

  • SCADA: events logged by SCADA control rules.

  • SSH inspection: log of triggered SSH inspection rules. These events are logged only if logging is enabled.

  • Search history: user search queries in popular search engines.

Log management is automated: logs are cyclically overwritten to keep the free disk space needed for operation.

Note

Event log entries are never overwritten.

Rotation of entries in all logs except the event log is automated and is based on the free space on this partition. Records of database rotation are displayed in the event log. If LogAn is connected, the entry is displayed in the Log Analyzer event log.