GE ML1200 Switch User Manual

6.3.2 Logs
All events occurring on the Managed MultiLink ML1200 Managed Field Switch are logged.
The events can be informational (e.g. login, STP synchronization etc.), debugging logs (for
debugging network and other values), critical (critical events), activity (traffic activity) and
fatal events (such as unexpected behavior). The specific types of logs can be viewed and
cleared. To view the logs in the EnerVista Secure Web Management software, select the
Configuration > Logs menu item.
Note the different types of logs. Specific logs may be viewed by using the drop down menu
in the top right corner
As discussed in the previous section, any port can be set to monitor security as well as
make a log on the intrusions that take place. The logs for the intrusions are stored on the
switch. When the switch detects an intrusion on a port, it sets an “alert flag” for that port
and makes the intrusion information available.
The default log size is 50 rows. To change the log size, select the Configuration > Statistics
> Log Statistics menu item.
When the switch detects an intrusion attempt on a port, it records the date and time
stamp, the MAC address, the port on which the access was attempted and the action
taken by the MultiLink ML1200 Managed Field Switch. The event log lists the most recently
detected security violation attempts. This provides a chronological entry of all intrusions
attempted on a specific port.
The event log records events as single-line entries listed in chronological order, and serves
as a tool for isolating problems. Each event log entry is composed of four fields
Severity - the level of severity (see below).
Date - date the event occurred on. See Date and Time on page 5–8 for information
on setting the date and time on the switch.
Time - time the event occurred on. See Date and Time on page 5–8 for information
on setting the date and time on the switch
Log Description - description of event as detected by the switch