System logs display entries for each system event on the firewall. Each entry includes the date and time, event severity, and event description. The following table summarizes the System log severity levels. For a partial list of System log messages and their corresponding severity levels, refer to System Log Events.
Hardware failures, including high availability (HA) failover and link failures.
Serious issues, including dropped connections with external devices, such as LDAP and RADIUS servers.
Mid-level notifications, such as antivirus package upgrades.
Minor severity notifications, such as user password changes.
Log in/log off, administrator name or password change, any configuration change, and all other events not covered by the other severity levels.
Panorama System and Configuration Logs
Panorama System and Configuration Logs You can configure Panorama to send notifications when a system event or configuration change occurs. By default, Panorama records every ...
Threat Logs Threat logs display entries when traffic matches one of the Security Profiles attached to a security rule on the firewall. Each entry includes ...
View and Manage Logs
View and Manage Logs A log is an automatically generated, time-stamped file that provides an audit trail for system events on the firewall or network ...
Objects > Security Profiles > Vulnerability Protection
Objects > Security Profiles > Vulnerability Protection A Security policy rule can include specification of a Vulnerability Protection profile that determines the level of protection ...
Interpret Correlated Events
Interpret Correlated Events You can view and analyze the logs generated for each correlated event in the Monitor Automated Correlation Engine Correlated Events tab. Correlated ...
Correlation Object A correlation object is a definition file that specifies patterns to match against, the data sources to use for the lookups, and time ...
Correlation Logs The firewall logs a correlated event when the patterns and thresholds defined in a Correlation Object match the traffic patterns on your network. ...
Objects > Security Profiles > Anti-Spyware Profile
Objects > Security Profiles > Anti-Spyware Profile You can attach an Anti-Spyware profile to a Security policy rule to detect connections initiated by spyware and ...
User Credential Detection
User Credential Detection Select Objects Security Profiles URL Filtering User Credential Detection to enable the firewall to detect when users submit corporate credentials. Configure user ...