Manualshelf

User guide

ManualsBrandsWatchguard ManualsComputer equipmentFirebox X1000
191192193194195196197198199200
Setting Global Logging and Notification Preferences
User Guide 183
entries in two weeks, whereas a large one with many services enabled
might easily log 100,000 entries in a day.
When considering your ideal maximum log file, consider how often you
plan to issue reports of the Firebox activity. WatchGuard Historical
Reports uses a log file as its source to build reports. If you issue weekly
reports to management, you would want a log file large enough to hold a
typical eight or nine days’ worth of events. Watch your initial log file
configuration to see how many days’ events it collects before turning
over, and then adjust the size to your reporting needs.
Setting the interval for log rollover
You can control when the WSEP application rolls over using the Log Files
tab in the WatchGuard Security Event Processor. The WSEP application
can be configured to roll over by time interval, number of entries, or both.
From the WatchGuard Security Event Processor interface:
1 Click the Log Files tab.
The Log Files tab information appears, as shown in the following figure.
2 For a time interval, enable the Roll Log Files By Time Interval
checkbox. Select the frequency. Use the Next Log Roll is Scheduled
For drop list to select a date. Use the scroll control or enter the first
time of day.
3 For a record size, enable the Roll Log Files By Number of Entries
checkbox. Use the scroll control or enter a number of log record
entries.
The Approximate Size field changes to display the approximate file size of the final
log file. For a detailed description of each control, right-click it, and then select
What’s This?. You can also refer to the “Field Definitions” chapter in the
Reference Guide.
4 Click OK.
The WSEP interface closes and saves your entries. New settings take effect
immediately.