Tunnel Content Inspection Logging | Tunnel Content Inspection is
enhanced so that you can separate logs for outer tunnel traffic
from logs for inside traffic, which is subject to security policy
rules. This separation provides more reporting options, enhanced
ACC statistics, and makes troubleshooting long-lived sessions, such
as GRE, easier. For example, using only the default logging for
a security policy rule (which logs at session end) might not provide
any logs, but now you can log tunnel sessions at the start and end
of a session, allowing you to view all GRE traffic. You can also
now forward tunnel inspection logs to one or more servers or to Panorama,
which makes it more convenient to access log data. Additionally,
when you view a detailed tunnel inspection log, it includes the
name of the tunnel inspection rule applied to a session that was captured
in the log, which makes it easier to track information about non-encrypted
tunnel traffic. |