The screenshot is from a centrally managed appliance - as it has only Tabs Home / Device / Users / Logs avalable, while locally managed also show Access Policy, Threath Prevention and VPN. Usually, this page shown no logs if there is a SMS/Logserver available. The Network Objects for the IPs have to be defined in Users & Objects and Device > Network > DNS > Enable DNS proxy > Resolve Network Objects enabled.

Hi Gunther,

Yes, correct, it is central managed.

Regarding the advised setting, i did try it.. but still log cannot view obj name.

And you did define the Network Objects using the correct IP ? I can not see that setting yet... Maybe you should do a reboot after changing the settings ?

I already define the network Obj..but right now im out of office and unable to give the proof.

Unfortunately, reboot also has been done few times but its still the same

If it is centrally managed why are you looking at the logs on the device itself then? To my knowledge the object resolution is not done on the local device logs, only on the logserver.

What you are saying is correct. Actually, I got a few 1400 appliances, some running local, some running central, and the point is, all unable to show obj name. The firmware itself also has been upgraded to the latest version.

So what are you actually saying? I do not think you will see resolution of objects locally on the boxes untill you define these objects locally on those boxes as well. 

Main question is though: why are you looking at the logs on the local devices instead of the central logs?

Why do you need to see this resolution on the local logs?

I do not think you will see resolution of objects locally on the boxes untill you define these objects locally on those boxes as well.

= I did define it locally on the boxes already.

Main question is though: why are you looking at the logs on the local devices instead of the central logs?

= What do you mean by this? what i can say is because this firewall is not manage by other management server, its locally managed, there is no other place to see its log right..? this firewall not using any SmartEvent server or any syslog server.

Why do you need to see this resolution on the local logs?

= It is seperate firewall. not connecting with other smart-1 or smartEvent.

Sounds like a real issue to me - network objects defined locally should show in logs 😞

I share similar thoughts. The Resolve Network Objects option works only for direct DNS queries and only if Allow DNS server to resolve object name option is enabled for object to be resolved. That is, if you configure appliance as DNS on a host, you will be able to resolve these objects by name.

I guess this is not enabled for local logging because of performance reasons. 

I know some syslog servers can resolve IP addresses (syslog-ng for example) but never tried it. And it will require to maintain a copy of the hosts database in one more place.

Correct, logs do not show the object name in either locally or centrally managed SMB appliances.

I don't know if they should, but I have worked with more than 20 appliances since R77.20.10 and have never seen the names resolved.

Just a final statement: i am very glad that my SMS always shows logs of managed SMB appliances and logs from standAlone SMB appliances with all names displayed.