IPSec filtering logging settings

This topic describes IPSec filtering logging settings in MainView for IP.

You can configure the IPSec filtering logging settings as described in the follow table.

IP filter

Description

Default value

Logging

Specifies whether to log IPSec filtering messages (EZD08* messages that TRMD sends to SYSLOGD). You have the option of collecting these messages for display on the IPSECLG view. The TRMD address space must be active, and you must specify IPSec filtering logging in the IPSec rules for the PAGENT address space

OFF

Logging Type

Specifies which type of IPSec Filtering messages MainView for IP will log. The possible values are:

  • ALL - logs all messages
  • PERMIT - logs the EZD0814I and EZD0836I messages
  • DENY - logs the EZD0815I, EZD0821I, EZD0822I, EZD0832I, and EZD0833I messages
  • DENYPERMIT - logs DENY and PERMIT messages
  • TRMD - logs all messages from the TRMD address space

ALL

Max Entries

Specifies the number of entries in the IPSec Filtering table in the data space. The value must be between 10000 and 99999. The records are written at interval time, and the dataspace is cleared. If more records are written to the IP Filtering table than the maximum value allowed during an interval, no more records will be logged.

Note

Any changes to the Max Entries value will require a recycle of the MainView for IP PAS to allow the change to register.

10000



 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*