This article applies to:
Question:
How does Firewall Suite handle log files from load balanced firewalls or proxy servers?
Information:
Case 1: Activity Logs are Combined in One Store
In some firewall clusters, the firewalls use the same log resource. All log records from the different servers are stored in the same log file. Proxy servers rarely use the same log resource, though the same guidelines apply if they are configured in this way.
Firewall Suite will need a firewall or proxy server license for each of the servers in the cluster. Since Firewall Suite automatically manages server licenses, there is no way to choose a range of servers on which to report.
Case 2: Each Firewall Maintains its Own Activity Log
In some cases, each firewall or proxy server in the cluster maintains its own log data separate from the other firewalls. Firewall Suite can be configured to read and combine data from multiple logs as long as they are from the same type of server. Use wildcards in the log file path field to combine multiple logs--see the online help for more information.
In the same way, Firewall Suite will need another firewall or proxy server license if multiple logs from different servers need to be combined.
Contact Marshal to obtain information about updating or purchasing additional licensing.
- This article was previously published as:
- NETIQKB1541