Monitor Traffic on Cloud-Managed Fireboxes

Applies To: Cloud-managed Fireboxes

This feature is only available to participants in the WatchGuard Cloud Beta program.

Information on the Traffic Monitor page can help you troubleshoot network performance. This page is only available when your cloud-managed Firebox is connected to WatchGuard Cloud.

To monitor traffic on cloud-managed Fireboxes:

  1. Select Monitor > Devices.
  2. Select a cloud-managed Firebox.
    The Device Summary page for the selected Firebox opens.
  3. Select Live Status > Traffic Monitor.
    The Traffic Monitor page opens.

Real-time Traffic

On the Traffic tab, you can view real-time data on the currently active connections through your cloud-managed Firebox. Each tile on the Traffic tab shows the connection rate, number of bytes transferred through the connection, and the number of hits. The tiles refresh every 30 seconds.

Top Clients

Shows a list of the top 10 clients connected to the cloud-managed Firebox that use the most bandwidth.

Click View All to show all the clients connected to the Firebox.

Top Destinations

Shows a list of the top 10 most frequently visited destinations for current connections.

Click View All to show all the destinations visited.

Top Policies

Shows a list of the top 10 policies that currently manage the most traffic.

Click View All to show all the policies.

Destination Port

Shows a list of the top 10 most frequently used ports for current connections to the cloud-managed Firebox.

Click View All to show all the ports used.

Top Countries

Shows a list of the top 10 most frequent countries identified by Geolocation for connections through the cloud-managed Firebox.

Click View All to show all the countries.

For all tiles, the Rate column displays the current rate of passing data. The Bytes column indicates the total byte count for all existing connections for that host. This is cumulative for all existing open connections.

Show Real-time Traffic Data for a Specific Client IP Address

You can filter the Traffic tab to show only data for a specific client.

To show real-time traffic data for a specific client:

  1. Select Monitor > Devices.
  2. Select the cloud-managed Firebox.
  3. Select Live Status > Traffic Monitor.
    The Traffic Monitor page opens.
  4. On the Traffic tab, in the Client text box, type the IP address of the client you want to show data for.

  1. Click Filter.
    The tiles update for the specific client.

Real-time Log Messages

You can use the Live Logs tab to see log messages generated by your Firebox as they occur. The Firebox sends log messages as traffic passes through the device. On some networks, there can be a short delay as log messages are sent.

To view real-time log messages for a Firebox:

  1. Select Monitor > Devices.
  2. Select the cloud-managed Firebox.
  3. Select Live Status > Traffic Monitor.
    The Traffic Monitor page opens.
  4. On the Live Logs tab, view the log messages for traffic through the Firebox.

  1. Click to stop and start the live feed of messages.
  2. To search for a specific log message, in the Search text box, type the message you want to search for and press Enter.

Filter Log Messages by Type

To filter log messages, on the Live Logs tab, click the filter or filters for the type of log messages you want to see.

All

Shows all log messages.

Traffic

Shows traffic log messages the Firebox sends as it applies packet filter and proxy rules to traffic that goes through the device.

Alarm

Shows alarm log messages that are sent when an event occurs that triggers the Firebox to run a command.

Event

Shows event log messages the Firebox sends because of user activity.

Diagnostic

Shows diagnostic log messages with information that you can use to help troubleshoot problems.

Statistic

Shows statistic log messages with information about the performance of the Firebox. By default, the device sends log messages about external interface performance and VPN bandwidth statistics to your log file. You can use these logs to change your device settings as necessary to improve performance.

See Also

Add a Cloud-Managed Firebox to WatchGuard Cloud

Configure Traffic Types in a Firewall Policy