The Extended Log Files screen provides options for logs relating to the ESP and WAF features. These logs are persistent and will be available after a LoadMaster reboot. To view all of the options click the icons.

The ESP and Web Application Firewall (WAF) audit logs are rotated every 30 days (older logs are removed). WAF remote logs are rotated every seven days.

Note: If debug logging is enabled, it is possible that sensitive information may appear in the logs. If you are concerned by this, clear all the logs immediately after disabling debug logging.

Note: In addition to WAF logs, ESP logs are also available on this screen. For more information, refer to the Edge Security Pack (ESP), Feature Description.

WAF Audit Logs: recording WAF logs based on what has been selected for the Audit mode drop-down list (either Audit Relevant or Audit All) in the WAF Options section of the Virtual Service modify screen.

To view the logs, select the appropriate log file and click the relevant View button.

The number listed in each log entry corresponds to the ID of the Virtual Service. To get the Virtual Service ID, first ensure that the API interface is enabled (Certificates & Security > Remote Access > Enable API Interface). Then, in a web browser address bar, enter https://<LoadMasterIPAddress>/access/listvs. Check the index of the Virtual Service. This is the number that corresponds to the number on the audit log entry.

One or more archived log files can be viewed by selecting the relevant file(s) from the list of file names and clicking the View button. You can filter the log files by entering a word(s) or regular expression in the filter field and clicking the View field.

Clear Extended Logs

All extended logs can be deleted by clicking the Clear button.

Specific log files can be deleted by filtering on a specific date range, selecting one or more individual log files in the log file list or selecting a specific log type (for example, connection, security or user) in the log file list and clicking the Clear button. Click OK on any warning messages.

Save Extended Logs

All extended logs can be saved to a file by clicking the Save button.

Specific log files can be saved by filtering on a specific date range, selecting one or more individual log files in the log file list or selecting a specific log type (for example connection, security or user) in the log file list and clicking the Save button.