A log is maintained of all messages describing the opening, closing and denial of all connections. Eagle system errors are also sent to the log, as is diagnostic information if suspicious activity is detected. This log is an audit trail of the activity on your gateway, and it provides valuable clues in the event of an attempted security breach of your network.
Various activities produce messages which are saved in a log file on
your G Box. The individual messages are described in Appendix
. The messages are posted through syslogd to
/usr/adm/sg/logfile. Refer to syslogd(8) for a description
of the system log facility. At the end of each day the current logfile
is archived. These logs can be perused at any time or loaded into a
database for processing. Sample log entries are shown in Table
. The next sections describe the programs that process
the message logs.