Understanding and Interpreting Firewall Logs and Alerts

Enabling firewall logging is often a fairly simple task, and recording traffic and events to a file is not complex. But deciding which events warrant an alert, and what the contents of a log file actually mean, is not always so straightforward.

An alert is an automated notification sent to an administrator when a specific event affects the firewall. Some software host firewalls are preconfigured with a large number of pop-up messages, each triggered whenever one of the all-too-common activities occurs. For example, each time a new application attempts to communicate with the network, a firewall pop-up alert might notify the user of this event and prompt an action (
