system session log
Configures your firewall to log session information on session creation, session deletion, and at regular intervals.
- creation
- Specifies that the firewall logs session information when a session is created.
- deletion
- Specifies that the firewall logs session information when a session is deleted.
- periodic
- Specifies that the firewall logs session information in regular intervals.
- time-in-seconds
- Specifies the number of seconds between each logging of session information. This value can range from 5 to 86400.
Configuration mode
system {
session {
log {
creation
deletion
periodic <time-in-seconds>
}
}
}
Use the set form of this command to configure session logging.
Use the delete form of this command to stop performing session logging.
Use the show form of this command to display the session information logs.
The following examples show logs created when the system session log commands are configured.
This example shows a log created on session creation:
Aug 01 14:18:51 vyatta-host1 dataplane[2010]: FIREWALL: SESSION_CREATE duration=0.803 ifname=dp0p1s1 session-id=5 proto=tcp(6) addr=10.10.1.1->10.10.2.3 port=48060->22 fw-rule=FW:10
This example shows a log created on session deletion:
Aug 01 14:23:16 vyatta-host1 dataplane[2010]: FIREWALL: SESSION_DELETE duration=266.152 ifname=dp0p1s1 session-id=5 proto=tcp(6) addr=10.10.1.1->10.10.2.3 port=48060->22 out=40/6747 in=43/5798 fw-rule=FW:10
This example shows a periodic session log:
Aug 01 15:33:02 vyatta-host1 dataplane[2010]: FIREWALL: SESSION_ACTIVE duration=137.231 ifname=dp0p1s2 session-id=11 proto=udp(17) dir=out addr=10.10.1.2->10.10.2.3 port=34571->111 out=77/14132 in=34/10231 fw-rule=fw_out:100 alg=rpc engine=ndpi app-name=(Unavailable) proto-name=NFS type=DataTransfer