Login
- Table of Contents
-
- 02-Monitor
- 01-Attack defense statistics
- 02-Application audit logs
- 03-Blacklist logs
- 04-File filtering logs
- 05-TopN file filtering statistics
- 06-TopN file filtering trends
- 07-Flood attack logs
- 08-DNS cache information
- 09-Transparent DNS proxy statistics
- 10-Link load balancing statistics
- 11-Server load balancing statistics
- 12-URL visit trends
- 13-Operation logs
- 14-Report settings
- 15-Scanning attack logs
- 16-Session list
- 17-Single-packet attack logs
- 18-System logs
- 19-Threat logs
- 20-TopN threats
- 21-TopN threat trends
- 22-Traffic logs
- 23-TopN traffic
- 24-TopN traffic trends
- 25-URL filtering logs
- 26-TopN URL filtering statistics
- 27-TopN URL filtering trends
- 28-User information center
- 29-Security policy log
- 30-IPv4 online users
- 31-IPv6 online users
- 32-Load balancing logging
- 33-LB session information
- 34-MAC authentication online users
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 19-Threat logs | 31.71 KB |
This help contains the following topics:
Introduction
The Threat Log List page displays the logs generated by the IPS module and the anti-virus module. These logs help administrators customize IPS profiles and anti-virus profiles to improve network security.
When configuring an IPS profile or anti-virus profile, you can enable the logging function. The IPS module and anti-virus module can then generate logs for matching packets.
Configuration guidelines
Exporting threat logs
To export threat logs on the current page, click Export to Excel.
Viewing threat log details
To view details of a log, click the Details icon 
in the Details column.
In the Threat Log Details window, the threat name in the Threat information area and the
fields in the Packet Details area may display incompletely. To view the complete content, you
can use the following methods:
· Hover over the content.
· Copy the complete content.
¡ If the browser supports the copy function, click Copy and paste the complete content to the clipboard directly.
¡ If the browser does not support the copy function, click Copy and then obtain the complete content on the window that opens.
Downloading capture files
The device generates a capture file after the IPS module executes the capture action. With a hard disk installed in the device, the Download column appears, allowing you to download the capture file for threat analysis. To enable the device to cache capture file, you also need to execute the ips capture-cache number command in system view at the CLI. This command enables the device to cache the IPS captured packets.
