Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
RKinsp
Contributor

cp_log_export filter

Hey everyone,

We are trying to get cp_log_export to send out logs only Firewall rules with accounting (unified with URL Filtering) and NAT.

The SKs are very confusing when it comes to this and we want to avoid messing with the xml file, so using the filter-blade-in seemed the best choice.

Anybody have a list of the actually options for this? From sk144192 it seems like "NAT" and "VPN-1 & FireWall-1" are my best options, there doesn't seem to be an "access" option.

Another issue is that sk122323 does not indicated how to remove the filter or confirm that it was applied correctly.

Would this work?

cp_log_export add name sp2 target-server x.x.x.x target-port 514 protocol udp format syslog read-mode semi-unified
cp_log_export restart name sp2

cp_log_export set name sp2 filter-blade-in "VPN-1 & Firewall-1,NAT"

 

(Running on R81)

Thanks!

RK

 

0 Kudos
1 Reply
PhoneBoy
Admin
Admin

I don't know that NAT is a valid option for Blades, or at least sk122323 doesn't suggest it is.
However, it if shows in the Product field of the relevant log entries, maybe it'll work?
To ensure you get all relevant logs, I'd use:  VPN-1 & FireWall-1,Firewall,Application Control,URL Filtering (and NAT if it's actually listed).

0 Kudos