Device Log Messages (Traffic Monitor)

You can use Firebox System Manager (FSM) to see log messages from your Firebox as they occur.

Things to know about FSM:

  • FSM receives new log messages if currently connected to a Firebox.
  • FSM stores the log messages in a buffer, for as long as FSM remains open.
  • FSM stores up to 25 thousand log messages, an amount that you can configure.

On some networks, there can be a short delay as log messages are sent.

  1. Start Firebox System Manager.
  2. Select the Traffic Monitor tab.

Traffic Monitor can help you troubleshoot network performance. For example, you can see which policies are used most or whether external interfaces are constantly used to their maximum capacity.

You can customize Traffic Monitor to:

Screen shot of the FSM Traffic Monitor tab

Sort and Filter Traffic Monitor Log Messages

You can use the FSM Traffic Monitor buttons to sort the information that you see in the Traffic Monitor. When you select a button, Traffic Monitor shows only log messages of the type you selected. You can also use the filter text box to search the log messages and refine the data you see in Traffic Monitor.

To sort by message type:

  1. Select the Traffic Monitor tab.
  2. To select the type of log message you want to see in Traffic Monitor, click a button:
    • FSM All Logs button — All Logs
    • FSM Traffic Logs button — Traffic Logs
    • FSM Alarm Logs button — Alarm Logs
    • FSM Event Logs button — Event Logs
    • FSM Debug Logs button — Debug Logs
    • FSM Performance Statistics Logs button — Performance Statistics Logs

FSM sorts the log messages and shows only messages of the type you selected.

To filter log messages by specified details:

  1. Select the Traffic Monitor tab.
  2. In the filter text box, type or select the information on which you want to search.
    You can type any value in the filter text box, or select a previously specified value from the drop-down list. The filter history stores up to 30 previous searches. You can also use regular expressions in your search values.
    For more information about how to use regular expressions in Traffic Monitor, go to Change Traffic Monitor Settings.
  1. From the FSM Traffic Monitor search button drop-down list, select Highlight Search Results or Filter Search Results.
    The log messages that match the filter search you selected appear in the Traffic Monitor window.
  2. To remove the filter, click FSM Clear search/filter button.

Example Searches

To filter log messages by specified details, type a value. By default the search filter uses a pattern match search.

To find all log messages for all IP addresses that begin with, type:

To find all log messages only for the IP address, include a space after the number: .

To find log messages that contain the text unhandled, include a space after the text:

unhandled .

To find log messages that contain the phrase User not authenticated, type:

user not authenticated

For more information on regular expressions, go to About Regular Expressions.

