Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
handiansudianto
Advisor

fwlog and log

When i activate smart event now on the log and monitor there are fw.log and log, what difference between both logs?

 

 

0 Kudos
3 Replies
the_rock
Legend
Legend

fw.log is the current log file. The way it has been with CP for the longest time is that by default, fw.log switches every night at midnight or when it reaches 2 GB size, whichever one comes first. Files that end with log are the ones already switched over and they would most likely have the corresponding date in their names.

Andy

0 Kudos
handiansudianto
Advisor

both logs shown similar logs, but on the log there are many action 'Detect'

0 Kudos
PhoneBoy
Admin
Admin

In your first picture, you can see that it's only pulling from fw.log (the current file).
In the second, it is showing logs from the last 24 hours (again, as your query states).

You would have to click on the log entry and see the full card to understand why traffic is being Detected.
However, it is most likely your Threat Prevention configuration.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events