Step 5: Enable Logging for Traffic That Doesn’t Match Any Rules
Expand all | Collapse all
Step 5: Enable Logging for Traffic That Doesn’t Match Any Rules
Internet gateway traffic that doesn't match the rules you defined matches the predefined
interzone-default rule at the bottom of the rulebase and is denied. For visibility
into the traffic that doesn't match the rules you created, enable logging on the
interzone-default rule:
Select the interzone-default rule's row in the rulebase and
Override
the rule to edit it.
Select the
interzone-default
rule
name to open the rule for editing.
On the
Actions
tab, select
Log
at Session End
and click
OK
.
Create a custom report to monitor traffic that matches the rule:
Add
a report and give it a descriptive
Name
.
Set the
Database
to
Traffic
Summary
.
Select the
Scheduled
check box.
Add
Rule
,
Application
,
Bytes
,
Sessions
to the
Selected Columns list.
Set the desired
Time Frame
,
Sort
By
, and
Group By
fields.
Define the query to match traffic that matches the interzone-default
rule:
(rule eq 'interzone-default')
Commit
the changes you made to
the rulebase.