Filter
Top Products
Logs
Note: Accurate time and date reporting is necessary for accurate and useful logs. To set the time and
date, use the Date & Time tab in the Network area.
Viewing the Session Logs
The 700wl Series system log files provide informational messages, warnings and so on about the
operation of the 700wl Series system. Session logging goes further to provide information about every
completed session. These logs are optional. If enabled, log entries are sent to an remote Syslog server that
you specify when you enable session logging. For information on enabling session logging, see
“Configuring Session Logging” on page 9-4.
You cannot view the session log files from the Administrative Console. You must view them on your
Syslog server, or through the optional Log Analysis System, a separate application that provides powerful
data analysis tools for viewing and analyzing session log data.
You can view session status for an individual client under the Session Status tab in the Status module of
the Administrative Console. See
“Viewing Session Status” on page 3-12 for more information.
The Session Log Entry Format
The session log entries consists of a single line for each session, for example:
logmsg: pri 36, flags 0, from vm18.testbed.com, msg Nov 13 01:43:50
90466740 129 00:30:65:41:da:56 udp 42.230.129.94:5353 224.0.0.251:5353
10.10.10.18:5353 224.0.0.251:5353 474 0 test
The information in the first line of the example (the underlined fields through the date and time) is added
by the Syslog server. The information from the 700wl Series system starts with the second line of the
example (90466740, which is the start time of the session). The format of the data sent by the 700wl Series
system is:
<Start time> <Duration> <MACaddr> <Protocol> <Client Source> <Client Destination>
<Actual Source> <Actual Destination> <Bytes Transmitted> <Bytes Received> <UserID>
Table 9-4 defines the items in the session log entry. The items are delimited by spaces.
Table 9-4. Session Log information
Data Item Definition
Start time Start time of the session, in seconds since 1/1/2000 12:00am GMT
Note: to convert this to a UNIX time_t (time relative to 1/1/1970) subtract
946684800
Duration Duration of the session in seconds
MACaddr Client‘s MAC address
Protocol Session protocol type
Client Source The original client source IP address and port
Client Destination The original client destination IP address and port
Actual Source The actual source IP address and port, if re-written after NAT
9-6 HP ProCurve Secure Access 700wl Series Management and Configuration Guide