Question about logid condition in Dataset

Forum|Forum|10 years ago
June 10, 2016
1 reply
5081 views

Hi everybody,

I'm using FAZ VM64 v5.2.3.

Does anyone have any idea about this condition of logid in dataset.

logid_to_int(logid) not in (4, 7, 14)

what do these 3 magic numbers mean? I have a FGT v5.0 and this condition rules out all the log.

Thanks,

Cuong Pham

hzhao_FTNT

Staff

Hi Cuong Pham,

logid 4: session start, this will cause a duplicate session

logid 7: invalid session

logid 14: local traffic

Regards,

hz

Pham_Phu_CuongAuthor

New Member

Hi hzhao,

Thank you for your answer.

Do you have any idea why my FGT v5.0 only have the logs with logid 14 (local traffic).

The FGT is set to be an explicit proxy, and the traffic I'm getting in Log View have the Dest Interface is "root".

Is it the different between v5.0 and v5.2

Thanks,

Cuong Pham

Pham_Phu_CuongAuthor

New Member

Hi,

I have found the answer for my question so I thought I'd share.

My FGT v5.0 is enabled by configured in the Network section with the Default Firewall Policy Action set to Accept.

And there wasn't a policy for the web proxy in the Policy section so the traffic weren't logged. And because of the default Accept, a policy is not needed for the proxy to work.

Those logs I was getting is just the incoming local traffic towards the proxy.

By the way, I have another question related to this.

With a new policy added the the webproxy to go to the internet, I'm getting the traffic I want. But I wonder which policy the Local traffic logs came from. What if I want to turn off the local traffic logs. I noticed the policy id of the local traffic log is "0".

In other FGT v5.2, I don't get the Local traffic logs. Is it normal?

Thanks,

Cuong

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded