Black Box ET0100A Manual

next previous

ETEP Configuration

322 EncrypTight User Guide

Related topics:

● “Log Event Settings” on page 322

● “Defining Syslog Servers” on page 323

● “Log File Management” on page 324

● “Retrieving Appliance Log Files” on page 228

Log Event Settings

Categories of log messages are referred to as facilities, and they typically indicate which process

submitted a message. Each facility can be assigned a priority, which sets the level at which a log message

is triggered. Log events settings consist of a log facility and its priority level.

Five facilities are unique to the ETEP. When messages from these facilities are sent to a syslog server,

syslog displays their source as Local 0 - Local 4. Table 96 describes each facility and provides a mapping

of the ETEP facility name to its syslog counterpart. The Internals facility consists of several operating

system facilities.

The priority determines the amount of information that is recorded for a log facility. When you select a

priority for a facility, all messages at that priority and higher are logged; for example a priority of “error”

Table 96 Log facilities

Facility Description

Local0/System Significant system events that are not associated with the other pre-

defined facilities, including:

• NTP clock sync successes and failures (informational priority)

• Appliance software upgrade status (notice priority)

• ET1000A power supply status changes (informational priority)

• XML-RPC calls from ETEMS to the ETEP (debug priority)

Local1/Data plane • Messages about packet processing and encryption

• PMTU changes (debug priority)

Local 2/DistKey EncrypTight distributed key functionality, such as rekeys and policy

deployments (informational priority)

Local 3/PKI Certificate messages

Local 4/SNMP SNMP messages

Internals Operating system messages for the following Linux facilities: audit,

auth and authpriv, cron, daemon, kernel, syslog, user.

Audit log events are associated with a user name. The audit log

includes events such as the following:

• Successful and unsuccessful log in attempts

• Additions and deletions of ETEP user accounts

• Use of administrator functions, such as appliance configuration

changes and policy deployments.