Fine Tune Log Settings
-
Is there a way to fine tune which default block rules display in the log files? I see there are options for enabling and disabling logging of packets by the default block rule, but I am looking to turn off all ipv6 logging, and not ipv4 logging from the default block rule.
The only solution I can think of is to turn off all default rule blocking and place a block everything rule for ipv4 at the bottom of my policy rules and turn on logging for that policy. Is there a better way to accomplish this with log settings?
-
You might be able to export your settings and modify the xml file that way before restoring the edited backup?
Have you also seen Status: System logs: Settings tab…
Filter descriptions Show the applied rule description below or in the firewall log rows.
Displaying rule descriptions for all lines in the log might affect performance with large rule sets ?The default is not to show the rule descriptions which can make it harder to workout what rule is blocking or allowing when troubleshooting what rules are being acted upon.
Personally I log everything that way I can see when settings have changed/been reset on workstations due to updates or some other activity, even though I dont use ipv6 I still log it.