AMG1302/AMG1202-TSeries User’s Guide
201
C
HAPTER
18
Logs
18.1
Overview
The web configurator allows you to choose which categories of events and/or alerts to have the
AMG1302/AMG1202-TSeries log and then display the logs or have the AMG1302/AMG1202-TSeries
send them to an administrator (as e-mail) or to a syslog server.
18.1.1
What You Can Do in this Chapter
•
Use the
Log
screen to see the system logs for the categories that you select (
Section 18.2 on
page 202
).
18.1.2
What You Need To Know
The following terms and concepts may help as you read this chapter.
Alerts and Logs
An alert is a type of log that warrants more serious attention. They include system errors, attacks
(access control) and attempted access to blocked web sites. Some categories such as
System
Errors
consist of both logs and alerts. You may differentiate them by their color in the
View Log
screen. Alerts display in red and logs display in black.
Syslog Overview
The syslog protocol allows devices to send event notification messages across an IP network to
syslog servers that collect the event messages. A syslog-enabled device can generate a syslog
message and send it to a syslog server.
Syslog is defined in RFC 3164. The RFC defines the packet format, content and system log related
information of syslog messages. Each syslog message has a facility and severity level. The syslog
facility identifies a file in the syslog server. Refer to the documentation of your syslog program for
details. The following table describes the syslog severity levels.
Table 74
Syslog Severity Levels
CODE
SEVERITY
0
Emergency: The system is unusable.
1
Alert: Action must be taken immediately.
2
Critical: The system condition is critical.
3
Error: There is an error condition on the system.
4
Warning: There is a warning condition on the system.
5
Notice: There is a normal but significant condition on the system.