ManageEngine Firewall Analyzer :: User Guide
Zoho Corp.
Archiving Log Files
Firewall Analyzer archives the logs received from each device and zips them at regular
intervals. The Archived Files page lists the files that have been archived for each device,
along with options to load a file for search and to delete it.
Encrypting Archived Log files
Firewall Analyzer encrypts the log archive files so that the log data is secured for
future forensic analysis and internal audits. Encryption makes the log data unreadable
to a human; it can be decrypted only by the Firewall Analyzer application.
Time stamping
The time stamping technique ensures that the archive data files are tamper-proof. If a
file is modified, this technique reveals that the file has been tampered with.
Loading Archived Files
The Archived Files page lists the files that have been zipped for each device, along with
the archived time, file size, and archiving status.
The list contains the following columns:

Attribute       Description
Device          The name of the device for which the log file is archived.
File Name
Start Time      The starting time of the log file archiving process.
Archived Time   The completion time of the log file archiving process.
File Size       The file size of the archived logs.
Status          The log file archiving status. The status values are: All, Loaded,
                Loading, Not Loaded, Verified and Tampered. The appropriate status
                value is displayed, denoting the file archiving status. While loading
                an archived file, if the file has been tampered with, it is not loaded
                and is marked as Tampered; if it has not been tampered with, it is
                marked as Verified.
Action          The actions you can carry out on the archived log files. The actions
                are: Load to Search and Report. The actions are discussed below.
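The guide states that time stamping makes an archive tamper-evident and that a tampered file is refused on load and marked Tampered, but it does not say how the check is built. The following Python is an added illustration, not Firewall Analyzer's own code: it assumes a keyed HMAC-SHA256 tag computed over the recorded archive time plus the file bytes, stored in a sidecar manifest, and a constructed sample archive and key. The secret key, file names, manifest layout and helper names are all hypothetical.

```python
import hashlib
import hmac
import json
import os
import tempfile
from typing import Optional

# Hypothetical application secret (constructed for this demo; a real archiver
# would load it from a protected key store, never embed it in source).
ARCHIVE_KEY = b"constructed-demo-key-do-not-use"

# Constructed sample archive content standing in for a zipped log file.
SAMPLE = b"constructed sample archive bytes: deny tcp 10.0.0.5 -> 10.0.0.9:445\n"


def _digest(key: bytes, archived_at: int, data: bytes) -> str:
    """HMAC-SHA256 over the archive time and the file bytes, so that editing
    either the file or the recorded time changes the tag."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    mac.update(str(archived_at).encode("ascii"))
    mac.update(b"\0")  # separator so time and data cannot blur into each other
    mac.update(data)
    return mac.hexdigest()


def seal_archive(path: str, key: bytes = ARCHIVE_KEY,
                 archived_at: Optional[int] = None) -> dict:
    """Record archive time, size and integrity tag in a sidecar manifest."""
    if archived_at is None:
        import time
        archived_at = int(time.time())
    with open(path, "rb") as f:
        data = f.read()
    manifest = {
        "file": os.path.basename(path),
        "archived_at": archived_at,
        "size": len(data),
        "tag": _digest(key, archived_at, data),
    }
    with open(path + ".manifest.json", "w") as f:
        json.dump(manifest, f)
    return manifest


def verify_archive(path: str, key: bytes = ARCHIVE_KEY) -> str:
    """Return 'Verified' or 'Tampered', the two outcomes the Status column
    shows when an archived file is loaded."""
    try:
        with open(path + ".manifest.json") as f:
            manifest = json.load(f)
        with open(path, "rb") as f:
            data = f.read()
    except (OSError, ValueError, KeyError):
        return "Tampered"  # missing or unreadable manifest: refuse to load
    expected = _digest(key, manifest["archived_at"], data)
    if len(data) != manifest["size"] or not hmac.compare_digest(expected, manifest["tag"]):
        return "Tampered"
    return "Verified"


def demo() -> tuple:
    """Seal three constructed archives, then verify an intact copy, one with a
    changed byte, and one whose manifest time was backdated."""
    with tempfile.TemporaryDirectory() as tmp:
        results = []
        for name in ("intact", "modified", "backdated"):
            path = os.path.join(tmp, f"{name}.log.zip")
            with open(path, "wb") as f:
                f.write(SAMPLE)
            seal_archive(path, archived_at=1704067200)
            if name == "modified":
                with open(path, "r+b") as f:
                    f.write(b"X")  # overwrite the first byte, size unchanged
            elif name == "backdated":
                mpath = path + ".manifest.json"
                with open(mpath) as f:
                    m = json.load(f)
                m["archived_at"] -= 86400  # edit the recorded time by one day
                with open(mpath, "w") as f:
                    json.dump(m, f)
            results.append(verify_archive(path))
        return tuple(results)


if __name__ == "__main__":
    print(demo())  # ('Verified', 'Tampered', 'Tampered')
```

Because the recorded time is covered by the tag, silently backdating the manifest is caught just like editing the archive bytes; a size-only check would miss the single-byte overwrite, which is why the keyed digest is compared rather than the length alone.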
To load an archived file for search, click the Load to Search link against the device
whose archived data you need to see. Once the file is fully loaded, you can search for
data in the archive and view specific information.
When you click the Load to Search link, the Raw Log Search screen pops up. At the top of
the screen you will find Device Name : <>, Defined Criteria : -, Searched From : Traffic
Logs