F5 Firewall Solutions > [Archive1] AFM - The Data Center Firewall > Lab 1 – Advanced Firewall Manager (AFM) > Creating AFM Network Firewall Rules Source | Edit on
Create and View Log Entries¶
In this section, you will generate various types of traffic through the firewall as you did previously, but now you will view the log entries using the network firewall log. Open your web browser and once again try to access http://10.1.20.11. Also, try to ping 10.1.20.11.
Open the Security > Event Logs > Network > Firewall page on bigip01.f5demo.com (10.1.1.4). The log file shows the ping requests are being accepted and the web traffic is being dropped:
Note
Logging is Pre-Configured for this lab
We will not configure external logging in this lab, you should be aware that the BIG-IP supports high speed external logging in various formats including SevOne, Splunk and ArcSight.
Navigate: Security > Options > Network Firewall > Firewall Options
Default Firewall options configuration determine if the system is in ADC mode or Firewall Mode. In the screenshot below note the Virtual Server & Self IP Contexts Value. If it is set to Accept (system default) the Firewall is in ADC mode.
Note
For this lab we will use Firewall Mode with the value set to Reject
Review the log configuration¶
Navigate Security>>Event Logs>>Logging Profiles
Navigate Select Global Network
Navigate Click on the Network Firewall Tab
Navigate Use the publisher pulldown to select local-db-publisher
Review the configuration. The Storage Format section allows you to select the values included in the log.