: Step 5: Enable Logging for Traffic That Doesn’t Match Any Rules
Focus
Focus

Step 5: Enable Logging for Traffic That Doesn’t Match Any Rules

Table of Contents

Step 5: Enable Logging for Traffic That Doesn’t Match Any Rules

Internet gateway traffic that doesn't match the rules you defined matches the predefined interzone-default rule at the bottom of the rulebase and is denied. For visibility into the traffic that doesn't match the rules you created, enable logging on the interzone-default rule:
  1. Select the interzone-default rule's row in the rulebase and
    Override
    the rule to edit it.
  2. Select the
    interzone-default
    rule name to open the rule for editing.
  3. On the
    Actions
    tab, select
    Log at Session End
    and click
    OK
    .
  4. Create a custom report to monitor traffic that matches the rule:
    1. Select
      Monitor
      Manage Custom Reports
      .
    2. Add
      a report and give it a descriptive
      Name
      .
    3. Set the
      Database
      to
      Traffic Summary
      .
    4. Select the
      Scheduled
      check box.
    5. Add
      Rule
      ,
      Application
      ,
      Bytes
      ,
      Sessions
      to the Selected Columns list.
    6. Set the desired
      Time Frame
      ,
      Sort By
      , and
      Group By
      fields.
    7. Define the query to match traffic that matches the interzone-default rule:
      (rule eq 'interzone-default')
  5. Commit
    the changes you made to the rulebase.

Recommended For You