LOGS - AUDIT LOGS
This menu is not available on firewalls that are not equipped with storage media.
The Logs - Audit logs module allows you to read logs (made easy with views by types of alarms, connections, web logs, etc) generated by appliances and stored locally. Advanced filters allow these logs to be thoroughly analyzed.
For the purpose of compliance with the European GDPR (General Data Protection Regulation), personal data (user name, source IP address, source name, source MAC address) is no longer displayed in logs and reports and have been replaced with the term "Anonymized".
To view such data, the administrator must then enable the "Full access to logs (sensitive data)" privilege by clicking on "Restricted access to logs" (upper banner of the web administration interface), then by entering an authorization code obtained from the administrator's supervisor (see the section Administrators > Ticket management). This code is valid for a limited period defined at the moment of its creation.
To release this privilege, the administrator must click on "Full access to logs (sensitive data)" in the upper banner of the web administration interface, then click on "Release" in the dialog box that appears.
After a privilege is obtained or released, data must be refreshed.
Please note that every time a "Full access to logs (sensitive data)" privilege is obtained or released, it will generate an entry in logs.
For more collaborative security, based on views and audit logs, it is now possible in just one click to increase the level of protection on a host. An interactive feature will allow you to add hosts to a pre-set group and assign a strengthened protection profile or specific filter rules to them (quarantine zones, restricted access, etc.).
For further information, please refer to the Technical Note Collaborative security.
Storage device: SD Card
The External log storage on SD card feature is available on SN160(W), SN210(W) and SN310 firewall models. This feature is offered with a subscription to the “External storage” option.
The type of SD card must be at least Class 10 and compliant with the SDHC or SDXC standard.
Only the SD format is compatible: Micro SD or Nano SD cards fitted with an adapter are not supported. The maximum memory supported is 2 TB.
Storing logs on an external medium can only be done on an SD card. This service is not compatible with other storage media such as a USB key or an external hard disk.
For more information, refer to the Guides PRESENTATION AND INSTALLATION OF NETASQ PRODUCTS U SERIES – S Models or PRESENTATION AND INSTALLATION OF STORMSHIELD NETWORK PRODUCTS SN Range, available on the Stormshield Technical Documentation website.