The Extended Log Files screen (System Configuration > Logging Options > Extended Log Files) provides options for logs relating to the Edge Security Pack (ESP) and Web Application Firewall (WAF) features. These logs are persistent and will be available after a LoadMaster reboot. To view all of the options click the icons.

The ESP and WAF audit logs are rotated every 30 days (older logs are removed). WAF remote logs are rotated every seven days.

Note: If debug logging is enabled, it is possible that sensitive information may appear in the logs. If you are concerned by this, clear all the logs immediately after disabling debug logging.

Note: In addition to WAF logs, ESP logs are also available on this screen. For more information, refer to the Edge Security Pack (ESP) Feature Description.

WAF Audit Logs: WAF logs based on what has been selected for the Audit mode drop-down list (either Audit Relevant or Audit All) in the WAF Options section of the Virtual Service modify screen.

To view the logs, select the appropriate log file and click the relevant View button.

The number listed in each log entry corresponds to the ID of the Virtual Service. To get the Virtual Service ID, first ensure that the Application Programming Interface (API) is enabled (Certificates & Security > Remote Access > Enable API Interface). Then, in a web browser address bar, enter https://<LoadMasterIPAddress>/access/listvs. Check the index of the Virtual Service. This is the number that corresponds to the number on the audit log entry.

One or more archived log files can be viewed by selecting the relevant file(s) from the list of file names and clicking View . You can filter the log files by entering a word(s) or regular expression in the filter field and clicking the View field.

Clear Extended Logs

All extended logs can be deleted by clicking Clear .

Specific log files can be deleted by filtering one or more individual log files in the log file list, or selecting a specific log type (for example, connection, security, or user) in the log file list and clicking Clear. Click OK on any warning messages.

Save Extended Logs

All extended logs can be saved to a file by clicking Save .

Specific log files can be saved by filtering one or more individual log files in the log file list, or selecting a specific log type (for example connection, security or user) in the log file list and clicking Save.