The traffic log displays events that triggered firewall rules and NAT rules that have packet logging enabled. The following information is displayed:
-
UserGate node where the event occurred.
-
Event time.
-
Event details.
-
User.
-
Action.
-
Rule.
-
Application.
-
Network protocol.
-
Source zone.
-
Source IP address.
-
Source port.
-
Source MAC address.
-
Destination zone.
-
Destination IP address.
-
Destination port.
-
Destination MAC address.
-
NAT source IP address (in case of a NAT rule).
-
NAT source port (in case of a NAT rule).
-
NAT destination IP address (in case of a NAT rule).
-
NAT destination port (in case of a NAT rule).
-
Bytes sent/received.
-
Packets sent/received.
Administrators can select to display only the columns they need. To do this, click on any of the columns and set the checkmarks for the columns you want to display in the context menu that appears.
To assist in finding the events of interest, the records can be filtered by various criteria such as the user account, rule, action, etc.
By clicking Export as CSV the administrator can save the filtered log data in a .csv file for subsequent analysis.
Click Show to open a window with a detailed event description.