Manualshelf

User guide

ManualsBrandsWatchguard ManualsComputer equipmentFirebox X1000
211212213214215216217218219220
Working with Log Files
User Guide 197
IP header length
Length, in octets, of the IP header for this packet. A header length
that is not equal to 20 indicates that IP options were present.
Default = Hide
TTL (time to live)
The value of the TTL field in the logged packet. Default = Hide
Source address
The source IP address of the logged packet. Default = Show
Destination address
The destination IP address of the logged packet. Default = Show
Source port
The source port of the logged packet, UDP or TCP only.
Default = Show
Destination port
The destination port of the logged packet, UDP or TCP only.
Default = Show
Details
Additional information appears after the previously described
fields, including data about IP fragmentation, TCP flag bits, IP
options, and source file and line number when in trace mode. If
WatchGuard logging is in debug or verbose mode, additional
information is reported. In addition, the type of connection may
be displayed in parentheses. Default = Show
Working with Log Files
The Firebox continually writes messages to log files on the WatchGuard
Security Event Processor (WSEP). Because current log files are always
open, they cannot be copied, moved, or merged using traditional copy
tools; you should use WSEP utilities to work with active log files.
Unlike other Firebox System utilities, you cannot access the WatchGuard
Security Event Processor user interface from Control Center. To open the
WSEP Status/Configuration user interface: