How do I create a custom access log to track a particular subnet?
search cancel

How do I create a custom access log to track a particular subnet?

book

Article ID: 166050

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

You want to create an access log to capture the traffic activity for one particular subnet.

 

Resolution

1. Create a new log file

  • Go to the Management Console
  • Click Configuration > Access Logging > Logs
  • Click New > Log Name (give this log a name, such as 'test_subnet')
  • Click Log Format > bcreportermain_v1
  • Click Apply

2. Create a policy to have the ProxySG direct writes to the access file when specific subnet access through Proxy.

 In the Virtual Policy Manager (VPM), create a new Web Access Layer to perform writes to the new log (For example, want to log source host/subnet 10.1.1.0/255.255.255.0).

  • Launch the Visual Policy Manager from the Management Console (Policy > Visual Policy Manager > Launch).
  • From the Policy menu, lick Create New Web Access Layer.
  • Label the new web access layer 'Log 1.1.1.x subnet' or a name equally appropriate to this task.
  • Right-click the source field in this rule, click Set > New > Client IP Address/Subnet.
  • Define the network address and netmask for the subnet you want to configure (host/subnet 10.1.1.0/255.255.255.0).
  • Leave the Destination, Service and Time fields blank
  • Right-click the Action field and click Set > New > Modify Access Logging > Enable Logging to=”select the newly created Log file, in this example its "test_subnet”
  • Click OK, OK
  • Install Policy

This rule will now be active.  While the ProxySG has a new log and a rule to record traffic in that log, there's one more step - configuring how the Proxy will offload this new log.

3. Configure the access log to upload to an FTP server (optional).

  • Go to the Web Management Console. Click Configuration > Access Logging > Logs > Upload Client.
  • Select the test_subnet log from the drop-down menu at the top of the page.
  • Configure the Upload Client as an FTP Client.
  • Click Settings. Configure the path, username and primary password as needed.