Use the features in the Analysis and Diagnostics area to work with logs, use the ping and traceroute tools, and download log files.
Reviewing logs
Use the Logs area of your Network IPS appliance to view system, firewall, and security alert logs. You can filter these lists for specific keywords and network characteristics and save your searches for future use.
Using diagnostics
Use the Analysis and Diagnostics area of your Network IPS appliance to test communications, trace IP packets, and manage SNORT rule profiling files.
Logs and packet captures
View and download log files and packet captures associated with your Network IPS appliance, and translate log file timestamps.
Configuring a LEEF system log
To help integrate different components on your network, the appliance can send event information to a security incident event manager (SIEM) by using the log event extended format (LEEF).