Web tamper proof logs

Introduction

The Web Tamper Proof Logs page displays the logs generated by the tamper proof function to provide information about webpage tampering events. This helps administrators to adjust the corresponding policies for internal security.

To view Web tamper proof logs, you must enable log collection for the tamper proof service from the System > Log Settings > Storage Space Settings page.

vSystem support information

Support of non-default vSystems for this feature depends on the device model. This feature is available on the Web interface only if it is supported.

Restrictions and guidelines

• Only one log operation (import, export, or clear) is allowed at a time.

• Only one user can perform a log operation at a time. When you import, export, or clear logs, make sure no one else is performing a log operation.

Manage Web tamper proof logs

Import logs

1. Click the Monitor tab.

2. In the navigation pane, select Security Logs > Web Tamper Proof Logs.

3. Click Import.

4. In the dialog box that opens, click OK.

5. Select a log file, and enter the password for the log file. The password was set when the file was exported.

Export logs

To export logs to the local, perform the following steps:

1. Click the Monitor tab.

2. In the navigation pane, select Security Logs > Web Tamper Proof Logs.

3. Click on the right of the displayed columns. On the page that opens, specify the search criteria and click Apply to display the logs to be exported.

4. Click Export.

5. On the page that opens, configure the log export settings.

   Table-1 Log export configuration items

   Item	Description
   Set password	Enter a password for encrypting the log files. This password must be provided to open the exported log files.
   Logs per file	Specify the maximum number of log entries in each file. If the number of log entries to be exported is equal to or smaller than the specified number, the device exports the log entries to one file. If the number of log entries to be exported is greater than the specified number, the device exports the log entries to multiple files.

6. Click Export.

Enable webpage file caching

After you select Enable for the Cache webpage file field, the device will cache a webpage file upon detecting inconsistency between the webpage file and the baseline file. To view the cached webpage file, click Download in the Cached webpage file column for the corresponding log on the Monitor > Security Logs > Web Tamper Proof Logs page.

The device supports caching webpage files only when a hard disk or a USB disk is present.

Set cached webpage file state

If the device detects that a cached webpage file is not consistent with the baseline file, the device generates a log and considers the webpage file to be tampered by default. You can view the cached webpage file from the Web Tamper Proof Logs page to identify whether the cached webpage is tampered. If the cached webpage file is valid and not tampered, you can set the file as untampered. The device will replace the baseline file with this cached webpage file.

You can set the cached webpage file state only when a hard disk or USB disk is present.

To set the cached webpage file state:

1. Click the Monitor tab.

2. In the navigation pane, select Security Logs > Web Tamper Proof Logs.

3. To set the state of a cached webpage file, click Set as tampered or Set as untampered in the Set webpage file column for that cached webpage file.

4. To bulk set the state of cached webpage files, select target logs and then click Set as tampered or Set as untampered on top of the log list.