REMOTE_STORAGE_UNKNOWN REMOTE_STORAGE_NONE REMOTE_STORAGE_REMOTE REMOTE_STORAGE_SPLUNK REMOTE_STORAGE_ARCSIGHT SIP_STORAGE_FORMAT_UNKNOWN SIP_STORAGE_FORMAT_NONE SIP_STORAGE_FORMAT_FIELD_LIST SIP_STORAGE_FORMAT_USER_DEFINED STATE_DISABLED STATE_ENABLED NETWORK_STORAGE_FORMAT_UNKNOWN NETWORK_STORAGE_FORMAT_NONE NETWORK_STORAGE_FORMAT_FIELD_LIST NETWORK_STORAGE_FORMAT_USER_DEFINED FILTER_KEY_UNKNOWN FILTER_KEY_REQUEST_TYPE FILTER_KEY_PROTOCOL FILTER_KEY_RESPONSE_CODE FILTER_KEY_HTTP_METHOD FILTER_KEY_SEARCH_ALL FILTER_KEY_SEARCH_IN_HEADERS FILTER_KEY_SEARCH_IN_POST_DATA FILTER_KEY_SEARCH_IN_QUERY_STRING FILTER_KEY_SEARCH_IN_REQUEST FILTER_KEY_SEARCH_IN_URI DNS_STORAGE_FORMAT_UNKNOWN DNS_STORAGE_FORMAT_NONE DNS_STORAGE_FORMAT_FIELD_LIST DNS_STORAGE_FORMAT_USER_DEFINED RESPONSE_LOGGING_UNKNOWN RESPONSE_LOGGING_NONE RESPONSE_LOGGING_ILLEGAL RESPONSE_LOGGING_ALL ENTRY_LENGTH_UNKNOWN ENTRY_LENGTH_1K ENTRY_LENGTH_2K ENTRY_LENGTH_10K ENTRY_LENGTH_64K REMOTE_FACILITY_UNKNOWN REMOTE_FACILITY_LOCAL0 REMOTE_FACILITY_LOCAL1 REMOTE_FACILITY_LOCAL2 REMOTE_FACILITY_LOCAL3 REMOTE_FACILITY_LOCAL4 REMOTE_FACILITY_LOCAL5 REMOTE_FACILITY_LOCAL6 REMOTE_FACILITY_LOCAL7 LOGIC_OPERATION_UNKNOWN LOGIC_OPERATION_AND LOGIC_OPERATION_OR REMOTE_PROTOCOL_UNKNOWN REMOTE_PROTOCOL_UDP REMOTE_PROTOCOL_TCP REMOTE_PROTOCOL_TCP_RFC3195 STORAGE_FORMAT_UNKNOWN STORAGE_FORMAT_PREDEFINED STORAGE_FORMAT_USER_DEFINED Gets a list of all (security) logging profiles configured in the system.

Creates the specified logging profiles.

Deletes the specified logging profiles.

Deletes all logging profiles.

Determines whether the specified logging profiles are system logging profiles. A system logging profile is a logging profile pre-configured on the system, ready for use. Non-system logging profiles are logging profiles created or modified by a user. Note that if a system logging profile is modified, it is no longer considered a system logging profile (except those ones that explicitly preserved).

Sets the description for a set of logging profiles. This is an arbitrary field which can be used for any purpose.

Gets the descriptions for a set of logging profiles.

Sets the SIP DoS log publisher in a Logging profile.

Gets the SIP DoS log publisher in Logging profile.

Sets the DNS DoS log publisher in a Logging profile.

Gets the DNS DoS log publisher in Logging profile.

Sets the IP Intelligence log publisher in a Logging profile.

Gets the IP Intelligence log publisher in Logging profile.

Sets the IP Intelligence log translation fields filter state in a Logging profile. When enabled, the system logs all translated fields in IP Intelligence logs. Translated fields include Source Address/Port, Destination Address/Port, IP Protocol, Route Domain, Vlan, Source Address translation reason and Source Address translation Pool. When disabled, the system does not log the translated fields. The default is disabled.

Gets the IP Intelligence log translation fields filter state in Logging profile.

Gets a list of Application Security sub-profiles for a list of given logging profiles.

Adds a list of Application Security sub-profiles to given logging profiles. Note: Only one Application Security sub-profile can exist per logging profile.

Removes specific Application Security sub-profiles from the specified logging profiles.

Removes all Application Security sub-profiles from the specified logging profiles.

Sets the local storage state in Application Security. Local storage specifies, when enabled, that the system stores all traffic in the system and can be viewed in the Requests screen.

Gets the local storage state in Application Security.

Sets the guarantee local logging state in Application Security. Guarantee local logging specifies: - When enabled, that the system logs all requests, even though this may slow your virtual server. - When disabled, that the system logs requests as long as it does not slow your virtual server. The default is disabled. In either case, the system does not drop requests.

Gets the guarantee local logging state in Application Security.

Sets the response logging type in Application Security. The available response logging types are mentioned under the ResponseLogging enumeration.

Gets the response logging type in Application Security.

Sets the guarantee local response logging state in Application Security. Guarantee local response logging specifies, when enabled, that the system logs all responses, even though this may slow your virtual server. The system may drop requests if the database is too slow to log all responses. In order to enable this setting, you must first enable guarantee local logging, and set response logging to either illegal or all requests.

Gets the guarantee local response logging state in Application Security.

Sets the remote storage type in Application Security. The available remote storage types are mentioned under the RemoteStorage enumeration.

Sets the remote storage type to remote, storage format type to predefined and replaces the fields in Application Security. For consistent configuration, when changing the remote storage type to remote (in particular, for the first time) you must specify also the fields or user-string (for the corresponding format type). Please see set_application_remote_storage, set_application_format_predefined and replace_application_fields for more information about every setting.

Sets the remote storage type to remote, storage format type to user-defined and sets the user string in Application Security. For consistent configuration, when changing the remote storage type to remote (in particular, for the first time) you must specify also the fields or user-string (for the corresponding format type). Please see set_application_remote_storage, set_application_format_user_defined and set_application_user_string for more information about every setting.

Gets the remote storage type in Application Security.

Sets the remote protocol in Application Security. The available remote protocols are mentioned under the RemoteProtocol enumeration.

Gets the remote protocol in Application Security.

Sets the remote facility in Application Security. The available remote facilities are mentioned under the RemoteFacility enumeration.

Gets the remote facility in Application Security.

Sets the storage format type to predefined and replaces the fields in Application Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. For consistent configuration, when changing the storage format type to predefined you must specify also the fields. The available storage format types are mentioned under the StorageFormat enumeration. Please see replace_application_fields for more information about the fields setting.

Sets the storage format type to user-defined and sets the user string in Application Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. For consistent configuration, when changing the storage format type to user-defined you must specify also the user-string. The available storage format types are mentioned under the StorageFormat enumeration. Please see set_application_user_string for more information about every setting.

Gets the storage format type in Application Security.

Sets the field delimiter of the predefined storage format in Application Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Field delimiter specifies which delimiter the remote machine uses to separate the fields in the logging file. You may not use the % character. The default delimiter is the comma character, for Comma Separated Value (CSV).

Gets the field delimiter of the predefined storage format in Application Security.

Sets the field format of the predefined storage format in Application Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Field format specifies which format the remote machine uses for each key/value pair in the logging file. Use %k for key and %v for value. The default format is empty that is interpreted as "%v", for CSV.

Gets the field format of the predefined storage format in Application Security.

Gets the fields of the predefined storage format in Application Security.

Replaces the existing fields of the predefined storage format with new ones in Application Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Fields specify which traffic items the server logs, and the order in which the server logs them. The server displays the items in the log sequentially from the first to the last one.

Sets the user string of the user-defined storage format in Application Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. User string specifies the format in which the server logs traffic items. You can use free text between the traffic items enclosed in % on both sides.

Gets the user string of the user-defined storage format in Application Security.

Sets the maximum request size value in Application Security. Maximum request size specifies how much of the request the server logs. - Any (zero value): Specifies that the server logs the entire request. This is the default. - Length in bytes (positive value): Specifies that the server logs requests up to a particular length that you indicate.

Gets the maximum request size value in Application Security.

Sets the maximum headers size value in Application Security. Maximum headers size specifies how much of the header the server logs. - Any (zero value): Specifies that the server logs the entire header. This is the default. - Length in bytes (positive value): Specifies that the server logs headers up to a particular length that you indicate.

Gets the maximum headers size value in Application Security.

Sets the maximum query string size value in Application Security. Maximum query string size specifies how much of the query string the server logs. - Any (zero value): Specifies that the server logs the entire query string. This is the default. - Length in bytes (positive value): Specifies that the server logs query strings up to a particular length that you indicate.

Gets the maximum query string size value in Application Security.

Sets the maximum entry length in Application Security. The available entry lengths are mentioned under the EntryLength enumeration. You can change the maximum entry length only for remote servers that support the TCP protocol.

Gets the maximum entry length in Application Security.

Sets the report detected anomalies state in Application Security. Report detected anomalies specifies, when enabled, that the system sends a report string to the remote system log when a brute force attack, IP enforcer attack, or web scraping attack starts and ends. The default is disabled.

Gets the report detected anomalies state in Application Security.

Sets the logic operation in Application Security. The available logic operations are mentioned under the LogicOperation enumeration.

Gets the logic operation in Application Security.

Gets a list of remote servers in Application Security.

Adds a list of IP addresses and ports to the list of remote servers in Application Security. Server addresses specify which remote servers log traffic. You can configure the system to log traffic to multiple remote servers. The default port of the remote machine used to log traffic is 514.

Removes specific IP addresses and ports from the list of remote servers in Application Security.

Removes all remote servers in Application Security.

Gets a list of keys of request (storage) filters in Application Security.

Adds a list of request filters to the existing list in Application Security. Request filter specifies a fundamental or detailed setting for the type of requests the system, or server logs. Every request filter has a generic form of key/values. For consistent configuration, when creating a new request filter with the specified key you must specify also the values.

Removes specific request filters from the existing list in Application Security.

Removes all request filters in Application Security.

Gets the values of the request filters in Application Security.

Adds a list of values to the request filters in Application Security.

Replaces the existing values of the request filters with new ones in Application Security.

Removes specific values from the request filters in Application Security.

Gets a list of Protocol (SIP) Security sub-profiles for a list of given logging profiles.

Adds a list of Protocol (SIP) Security sub-profiles to given logging profiles. Note: Only one Protocol (SIP) Security sub-profile can exist per logging profile.

Removes specific Protocol (SIP) Security sub-profiles from the specified logging profiles.

Removes all Protocol (SIP) Security sub-profiles from the specified logging profiles.

Sets the drop log filter state in Protocol (SIP) Security. When enabled, the system logs all SIP requests that are dropped. When disabled, the system does not log. The default is disabled.

Gets the drop log filter state in Protocol (SIP) Security.

Sets the global-failures log filter state in Protocol (SIP) Security. When enabled, the system logs all SIP requests that failed due to global failures (all 6XX response codes). When disabled, the system does not log. The default is disabled.

Gets the global-failures log filter state in Protocol (SIP) Security.

Sets the malformed log filter state in Protocol (SIP) Security. When enabled, the system logs all SIP requests that are malformed. When disabled, the system does not log. The default is disabled.

Gets the malformed log filter state in Protocol (SIP) Security.

Sets the redirection-responses log filter state in Protocol (SIP) Security. When enabled, the system logs all SIP requests that result in redirection responses (all 3XX response codes). When disabled, the system does not log. The default is disabled.

Gets the redirection-responses log filter state in Protocol (SIP) Security.

Sets the request-failures log filter state in Protocol (SIP) Security. When enabled, the system logs all SIP requests that failed (all 4XX response codes). When disabled, the system does not log. The default is disabled.

Gets the request-failures log filter state in Protocol (SIP) Security.

Sets the server-errors log filter state in Protocol (SIP) Security. When enabled, the system logs all SIP requests that failed due to server errors (all 5XX response codes). When disabled, the system does not log. The default is disabled.

Gets the server-errors log filter state in Protocol (SIP) Security.

Sets the storage format type to field list and sets the fields list in Protocol (SIP) Security. For consistent configuration, when changing the storage format type to field list one must specify also the fields list. The available storage format types are mentioned under the SIPStorageFormat enumeration. Please see replace_protocol_sip_field_list for more information about the field list setting.

Sets the storage format type to user-defined and sets the user-defined string in Protocol (SIP) Security. For consistent configuration, when changing the storage format type to user-defined one must specify also the user-defined string. The available storage format types are mentioned under the SIPStorageFormat enumeration. Please see set_protocol_sip_user_defined_string for more information about every setting.

Gets the storage format type in Protocol (SIP) Security.

Sets the field-list delimiter of the field-list storage format in Protocol (SIP) Security. Field delimiter specifies which delimiter the remote machine uses to separate the fields in the logging file. You may not use the % character. The default delimiter is the comma character, for Comma Separated Value (CSV).

Gets the field-list delimiter of the field-list storage format in Protocol (SIP) Security.

Sets the field format of the predefined storage format in Protocol (SIP) Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Field format specifies which format the remote machine uses for each key/value pair in the logging file. Use %k for key and %v for value. The default format is empty that is interpreted as "%v", for CSV.

Gets the field format of the predefined storage format in Protocol (SIP) Security.

Gets the list of fields for the field-list storage format in Protocol (SIP) Security.

Replaces the existing fields of the field-list storage format with new ones in Protocol (SIP) Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Fields specify which traffic items the server logs, and the order in which the server logs them. The server displays the items in the log sequentially from the first to the last one.

Sets the user defined string of the user-defined storage format in Protocol (SIP) Security. You can use free text between the traffic items enclosed in % on both sides.

Gets the user defined string of the user-defined storage format in Protocol (SIP) Security.

Sets the log publisher in Protocol (SIP) Security. The publisher name is the only configuration in this sub-profile that encapsulates all remote logging settings in a generic way. Please see the Publisher interface in the Log module for more information.

Gets the log publisher in Protocol (SIP) Security.

Gets a list of Network Firewall sub-profiles for a list of given logging profiles.

Adds a list of Network Firewall sub-profiles to given logging profiles. Note: Only one Network Firewall sub-profile can exist per logging profile.

Removes specific Network Firewall sub-profiles from the specified logging profiles.

Removes all Network Firewall sub-profiles from the specified logging profiles.

Sets the ACL match accept log filter state in Network Firewall. When enabled, the system logs all requests that are accepted due to an ACL match. When disabled, the system does not log. The default is disabled.

Gets the ACL match accept log filter state in Nework Security.

Sets the ACL match reject log filter state in Network Firewall. When enabled, the system logs all requests that are rejected due to an ACL match. When disabled, the system does not log. The default is disabled.

Gets the ACL match reject log filter state in Nework Security.

Sets the ACL match drop log filter state in Network Firewall. When enabled, the system logs all requests that are dropped due to an ACL match. When disabled, the system does not log. The default is disabled.

Gets the ACL match drop log filter state in Nework Security.

Sets the IP errors log filter state in Network Firewall. When enabled, the system logs all IP errors (eg. IP error checksum). When disabled, the system does not log any IP errors. The default is disabled.

Gets the IP errors log filter state in Nework Security.

Sets the TCP errors log filter state in Network Firewall. When enabled, the system logs all TCP errors (eg. BAD TCP checksum). When disabled, the system does not log any TCP errors. The default is disabled.

Gets the TCP errors log filter state in Nework Security.

Sets the TCP events log filter state in Network Firewall. When enabled, the system logs all TCP connection established and closed events. When disabled, the system does not log any TCP event. The default is disabled.

Gets the TCP events log filter state in Nework Security.

Sets the Network log translation fields filter state in a Logging profile. When enabled, the system logs all translated fields in Network logs. Translated fields include Source Address/Port, Destination Address/Port, IP Protocol, Route Domain, Vlan, Source Address translation reason and Source Address translation Pool. When disabled, the system does not log the translated fields. The default is disabled.

Gets the Network log translation fields state in Logging profile.

Sets the storage format type to field list and sets the fields list in Network Firewall. For consistent configuration, when changing the storage format type to field list one must specify also the fields list. The available storage format types are mentioned under the NetworkStorageFormat enumeration. Please see replace_network_field_list for more information about the field list setting.

Sets the storage format type to user-defined and sets the user-defined string in Network Firewall. For consistent configuration, when changing the storage format type to user-defined one must specify also the user-defined string. The available storage format types are mentioned under the NetworkStorageFormat enumeration. Please see set_network_user_defined_string for more information about every setting.

Gets the storage format type in Network Firewall.

Sets the field-list delimiter of the field-list storage format in Network Firewall. Field delimiter specifies which delimiter the remote machine uses to separate the fields in the logging file. You may not use the % character. The default delimiter is the comma character, for Comma Separated Value (CSV).

Gets the field-list delimiter of the field-list storage format in Network Firewall.

Sets the field format of the storage format in Network Firewall. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Field format specifies which format the remote machine uses for each key/value pair in the logging file. Use %k for key and %v for value. The default format is empty that is interpreted as "%v", for CSV.

Gets the field format of the storage format in Network Firewall.

Gets the list of fields for the field-list storage format in Network Firewall.

Replaces the existing fields of the field-list storage format with new ones in Network Firewall. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Fields specify which traffic items the server logs, and the order in which the server logs them. The server displays the items in the log sequentially from the first to the last one.

Sets the user defined string of the user-defined storage format in Network Firewall. You can use free text between the traffic items enclosed in % on both sides.

Gets the user defined string of the user-defined storage format in Network Firewall.

Sets the log publisher in Network Firewall. The publisher name is the only configuration in this sub-profile that encapsulates all remote logging settings in a generic way. Please see the Publisher interface in the Log module for more information.

Gets the log publisher in Network Firewall.

Gets a list of Protocol (DNS) Security sub-profiles for a list of given logging profiles.

Adds a list of Protocol (DNS) Security sub-profiles to given logging profiles. Note: Only one Protocol (DNS) Security sub-profile can exist per logging profile.

Removes specific Protocol (DNS) Security sub-profiles from the specified logging profiles.

Removes all Protocol (DNS) Security sub-profiles from the specified logging profiles.

Sets the drop log filter state in Protocol (DNS) Security. When enabled, the system logs all DNS requests that are dropped. When disabled, the system does not log. The default is disabled.

Gets the drop log filter state in Protocol (DNS) Security.

Sets the filtered-drop log filter state in Protocol (DNS) Security. When enabled, the system logs all DNS requests that are dropped due to security filtering. When disabled, the system does not log. The default is disabled.

Gets the filtered-drop log filter state in Protocol (DNS) Security.

Sets the malformed log filter state in Protocol (DNS) Security. When enabled, the system logs all DNS requests that are malformed. When disabled, the system does not log. The default is disabled.

Gets the malformed log filter state in Protocol (DNS) Security.

Sets the malicious log filter state in Protocol (DNS) Security. When enabled, the system logs all DNS requests that are malicious. When disabled, the system does not log. The default is disabled.

Gets the malicious log filter state in Protocol (DNS) Security.

Sets the DNS-reject log filter state in Protocol (DNS) Security. When enabled, the system logs all DNS requests that are rejected. When disabled, the system does not log. The default is disabled.

Gets the DNS-reject log filter state in Protocol (DNS) Security.

Sets the storage format type to field list and sets the fields list in Protocol (DNS) Security. For consistent configuration, when changing the storage format type to field list one must specify also the fields list. The available storage format types are mentioned under the DNSStorageFormat enumeration. Please see replace_protocol_dns_field_list for more information about the field list setting.

Sets the storage format type to user-defined and sets the user-defined string in Protocol (DNS) Security. For consistent configuration, when changing the storage format type to user-defined one must specify also the user-defined string. The available storage format types are mentioned under the DNSStorageFormat enumeration. Please see set_protocol_dns_user_defined_string for more information about every setting.

Gets the storage format type in Protocol (DNS) Security.

Sets the field-list delimiter of the field-list storage format in Protocol (DNS) Security. Field delimiter specifies which delimiter the remote machine uses to separate the fields in the logging file. You may not use the % character. The default delimiter is the comma character, for Comma Separated Value (CSV).

Gets the field-list delimiter of the field-list storage format in Protocol (DNS) Security.

Sets the field format of the storage format in Protocol (DNS) Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Field format specifies which format the remote machine uses for each key/value pair in the logging file. Use %k for key and %v for value. The default format is empty that is interpreted as "%v", for CSV.

Gets the field format of the storage format in Protocol (DNS) Security.

Gets the list of fields for the field-list storage format in Protocol (DNS) Security.

Replaces the existing fields of the field-list storage format with new ones in Protocol (DNS) Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Fields specify which traffic items the server logs, and the order in which the server logs them. The server displays the items in the log sequentially from the first to the last one.

Sets the user defined string of the user-defined storage format in Protocol (DNS) Security. You can use free text between the traffic items enclosed in % on both sides.

Gets the user defined string of the user-defined storage format in Protocol (DNS) Security.

Sets the log publisher in Protocol (DNS) Security. The publisher name is the only configuration in this sub-profile that encapsulates all remote logging settings in a generic way. Please see the Publisher interface in the Log module for more information.

Gets the log publisher in Protocol (DNS) Security.

Gets a list of Protocol (Transfer) Security sub-profiles for a list of given logging profiles.

Adds a list of Protocol (Transfer) Security sub-profiles to given logging profiles. Note: Only one Protocol (Transfer) Security sub-profile can exist per logging profile.

Removes specific Protocol (Transfer) Security sub-profiles from the specified logging profiles.

Removes all Protocol (Transfer) Security sub-profiles from the specified logging profiles.

Sets the log publisher in Protocol (Transfer) Security. The publisher name is the only configuration in this sub-profile that encapsulates all remote logging settings in a generic way. Please see the Publisher interface in the Log module for more information.

Gets the log publisher in Protocol (Transfer) Security.

Gets the version information for this interface.

Gets a list of all (security) logging profiles configured in the system.

Creates the specified logging profiles.

Deletes the specified logging profiles.

Deletes all logging profiles.

Determines whether the specified logging profiles are system logging profiles. A system logging profile is a logging profile pre-configured on the system, ready for use. Non-system logging profiles are logging profiles created or modified by a user. Note that if a system logging profile is modified, it is no longer considered a system logging profile (except those ones that explicitly preserved).

Sets the description for a set of logging profiles. This is an arbitrary field which can be used for any purpose.

Gets the descriptions for a set of logging profiles.

Sets the SIP DoS log publisher in a Logging profile.

Gets the SIP DoS log publisher in Logging profile.

Sets the DNS DoS log publisher in a Logging profile.

Gets the DNS DoS log publisher in Logging profile.

Sets the IP Intelligence log publisher in a Logging profile.

Gets the IP Intelligence log publisher in Logging profile.

Sets the IP Intelligence log translation fields filter state in a Logging profile. When enabled, the system logs all translated fields in IP Intelligence logs. Translated fields include Source Address/Port, Destination Address/Port, IP Protocol, Route Domain, Vlan, Source Address translation reason and Source Address translation Pool. When disabled, the system does not log the translated fields. The default is disabled.

Gets the IP Intelligence log translation fields filter state in Logging profile.

Gets a list of Application Security sub-profiles for a list of given logging profiles.

Adds a list of Application Security sub-profiles to given logging profiles. Note: Only one Application Security sub-profile can exist per logging profile.

Removes specific Application Security sub-profiles from the specified logging profiles.

Removes all Application Security sub-profiles from the specified logging profiles.

Sets the local storage state in Application Security. Local storage specifies, when enabled, that the system stores all traffic in the system and can be viewed in the Requests screen.

Gets the local storage state in Application Security.

Sets the guarantee local logging state in Application Security. Guarantee local logging specifies: - When enabled, that the system logs all requests, even though this may slow your virtual server. - When disabled, that the system logs requests as long as it does not slow your virtual server. The default is disabled. In either case, the system does not drop requests.

Gets the guarantee local logging state in Application Security.

Sets the response logging type in Application Security. The available response logging types are mentioned under the ResponseLogging enumeration.

Gets the response logging type in Application Security.

Sets the guarantee local response logging state in Application Security. Guarantee local response logging specifies, when enabled, that the system logs all responses, even though this may slow your virtual server. The system may drop requests if the database is too slow to log all responses. In order to enable this setting, you must first enable guarantee local logging, and set response logging to either illegal or all requests.

Gets the guarantee local response logging state in Application Security.

Sets the remote storage type in Application Security. The available remote storage types are mentioned under the RemoteStorage enumeration.

Sets the remote storage type to remote, storage format type to predefined and replaces the fields in Application Security. For consistent configuration, when changing the remote storage type to remote (in particular, for the first time) you must specify also the fields or user-string (for the corresponding format type). Please see set_application_remote_storage, set_application_format_predefined and replace_application_fields for more information about every setting.

Sets the remote storage type to remote, storage format type to user-defined and sets the user string in Application Security. For consistent configuration, when changing the remote storage type to remote (in particular, for the first time) you must specify also the fields or user-string (for the corresponding format type). Please see set_application_remote_storage, set_application_format_user_defined and set_application_user_string for more information about every setting.

Gets the remote storage type in Application Security.

Sets the remote protocol in Application Security. The available remote protocols are mentioned under the RemoteProtocol enumeration.

Gets the remote protocol in Application Security.

Sets the remote facility in Application Security. The available remote facilities are mentioned under the RemoteFacility enumeration.

Gets the remote facility in Application Security.

Sets the storage format type to predefined and replaces the fields in Application Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. For consistent configuration, when changing the storage format type to predefined you must specify also the fields. The available storage format types are mentioned under the StorageFormat enumeration. Please see replace_application_fields for more information about the fields setting.

Sets the storage format type to user-defined and sets the user string in Application Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. For consistent configuration, when changing the storage format type to user-defined you must specify also the user-string. The available storage format types are mentioned under the StorageFormat enumeration. Please see set_application_user_string for more information about every setting.

Gets the storage format type in Application Security.

Sets the field delimiter of the predefined storage format in Application Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Field delimiter specifies which delimiter the remote machine uses to separate the fields in the logging file. You may not use the % character. The default delimiter is the comma character, for Comma Separated Value (CSV).

Gets the field delimiter of the predefined storage format in Application Security.

Sets the field format of the predefined storage format in Application Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Field format specifies which format the remote machine uses for each key/value pair in the logging file. Use %k for key and %v for value. The default format is empty that is interpreted as "%v", for CSV.

Gets the field format of the predefined storage format in Application Security.

Gets the fields of the predefined storage format in Application Security.

Replaces the existing fields of the predefined storage format with new ones in Application Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Fields specify which traffic items the server logs, and the order in which the server logs them. The server displays the items in the log sequentially from the first to the last one.

Sets the user string of the user-defined storage format in Application Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. User string specifies the format in which the server logs traffic items. You can use free text between the traffic items enclosed in % on both sides.

Gets the user string of the user-defined storage format in Application Security.

Sets the maximum request size value in Application Security. Maximum request size specifies how much of the request the server logs. - Any (zero value): Specifies that the server logs the entire request. This is the default. - Length in bytes (positive value): Specifies that the server logs requests up to a particular length that you indicate.

Gets the maximum request size value in Application Security.

Sets the maximum headers size value in Application Security. Maximum headers size specifies how much of the header the server logs. - Any (zero value): Specifies that the server logs the entire header. This is the default. - Length in bytes (positive value): Specifies that the server logs headers up to a particular length that you indicate.

Gets the maximum headers size value in Application Security.

Sets the maximum query string size value in Application Security. Maximum query string size specifies how much of the query string the server logs. - Any (zero value): Specifies that the server logs the entire query string. This is the default. - Length in bytes (positive value): Specifies that the server logs query strings up to a particular length that you indicate.

Gets the maximum query string size value in Application Security.

Sets the maximum entry length in Application Security. The available entry lengths are mentioned under the EntryLength enumeration. You can change the maximum entry length only for remote servers that support the TCP protocol.

Gets the maximum entry length in Application Security.

Sets the report detected anomalies state in Application Security. Report detected anomalies specifies, when enabled, that the system sends a report string to the remote system log when a brute force attack, IP enforcer attack, or web scraping attack starts and ends. The default is disabled.

Gets the report detected anomalies state in Application Security.

Sets the logic operation in Application Security. The available logic operations are mentioned under the LogicOperation enumeration.

Gets the logic operation in Application Security.

Gets a list of remote servers in Application Security.

Adds a list of IP addresses and ports to the list of remote servers in Application Security. Server addresses specify which remote servers log traffic. You can configure the system to log traffic to multiple remote servers. The default port of the remote machine used to log traffic is 514.

Removes specific IP addresses and ports from the list of remote servers in Application Security.

Removes all remote servers in Application Security.

Gets a list of keys of request (storage) filters in Application Security.

Adds a list of request filters to the existing list in Application Security. Request filter specifies a fundamental or detailed setting for the type of requests the system, or server logs. Every request filter has a generic form of key/values. For consistent configuration, when creating a new request filter with the specified key you must specify also the values.

Removes specific request filters from the existing list in Application Security.

Removes all request filters in Application Security.

Gets the values of the request filters in Application Security.

Adds a list of values to the request filters in Application Security.

Replaces the existing values of the request filters with new ones in Application Security.

Removes specific values from the request filters in Application Security.

Gets a list of Protocol (SIP) Security sub-profiles for a list of given logging profiles.

Adds a list of Protocol (SIP) Security sub-profiles to given logging profiles. Note: Only one Protocol (SIP) Security sub-profile can exist per logging profile.

Removes specific Protocol (SIP) Security sub-profiles from the specified logging profiles.

Removes all Protocol (SIP) Security sub-profiles from the specified logging profiles.

Sets the drop log filter state in Protocol (SIP) Security. When enabled, the system logs all SIP requests that are dropped. When disabled, the system does not log. The default is disabled.

Gets the drop log filter state in Protocol (SIP) Security.

Sets the global-failures log filter state in Protocol (SIP) Security. When enabled, the system logs all SIP requests that failed due to global failures (all 6XX response codes). When disabled, the system does not log. The default is disabled.

Gets the global-failures log filter state in Protocol (SIP) Security.

Sets the malformed log filter state in Protocol (SIP) Security. When enabled, the system logs all SIP requests that are malformed. When disabled, the system does not log. The default is disabled.

Gets the malformed log filter state in Protocol (SIP) Security.

Sets the redirection-responses log filter state in Protocol (SIP) Security. When enabled, the system logs all SIP requests that result in redirection responses (all 3XX response codes). When disabled, the system does not log. The default is disabled.

Gets the redirection-responses log filter state in Protocol (SIP) Security.

Sets the request-failures log filter state in Protocol (SIP) Security. When enabled, the system logs all SIP requests that failed (all 4XX response codes). When disabled, the system does not log. The default is disabled.

Gets the request-failures log filter state in Protocol (SIP) Security.

Sets the server-errors log filter state in Protocol (SIP) Security. When enabled, the system logs all SIP requests that failed due to server errors (all 5XX response codes). When disabled, the system does not log. The default is disabled.

Gets the server-errors log filter state in Protocol (SIP) Security.

Sets the storage format type to field list and sets the fields list in Protocol (SIP) Security. For consistent configuration, when changing the storage format type to field list one must specify also the fields list. The available storage format types are mentioned under the SIPStorageFormat enumeration. Please see replace_protocol_sip_field_list for more information about the field list setting.

Sets the storage format type to user-defined and sets the user-defined string in Protocol (SIP) Security. For consistent configuration, when changing the storage format type to user-defined one must specify also the user-defined string. The available storage format types are mentioned under the SIPStorageFormat enumeration. Please see set_protocol_sip_user_defined_string for more information about every setting.

Gets the storage format type in Protocol (SIP) Security.

Sets the field-list delimiter of the field-list storage format in Protocol (SIP) Security. Field delimiter specifies which delimiter the remote machine uses to separate the fields in the logging file. You may not use the % character. The default delimiter is the comma character, for Comma Separated Value (CSV).

Gets the field-list delimiter of the field-list storage format in Protocol (SIP) Security.

Sets the field format of the predefined storage format in Protocol (SIP) Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Field format specifies which format the remote machine uses for each key/value pair in the logging file. Use %k for key and %v for value. The default format is empty that is interpreted as "%v", for CSV.

Gets the field format of the predefined storage format in Protocol (SIP) Security.

Gets the list of fields for the field-list storage format in Protocol (SIP) Security.

Replaces the existing fields of the field-list storage format with new ones in Protocol (SIP) Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Fields specify which traffic items the server logs, and the order in which the server logs them. The server displays the items in the log sequentially from the first to the last one.

Sets the user defined string of the user-defined storage format in Protocol (SIP) Security. You can use free text between the traffic items enclosed in % on both sides.

Gets the user defined string of the user-defined storage format in Protocol (SIP) Security.

Sets the log publisher in Protocol (SIP) Security. The publisher name is the only configuration in this sub-profile that encapsulates all remote logging settings in a generic way. Please see the Publisher interface in the Log module for more information.

Gets the log publisher in Protocol (SIP) Security.

Gets a list of Network Firewall sub-profiles for a list of given logging profiles.

Adds a list of Network Firewall sub-profiles to given logging profiles. Note: Only one Network Firewall sub-profile can exist per logging profile.

Removes specific Network Firewall sub-profiles from the specified logging profiles.

Removes all Network Firewall sub-profiles from the specified logging profiles.

Sets the ACL match accept log filter state in Network Firewall. When enabled, the system logs all requests that are accepted due to an ACL match. When disabled, the system does not log. The default is disabled.

Gets the ACL match accept log filter state in Nework Security.

Sets the ACL match reject log filter state in Network Firewall. When enabled, the system logs all requests that are rejected due to an ACL match. When disabled, the system does not log. The default is disabled.

Gets the ACL match reject log filter state in Nework Security.

Sets the ACL match drop log filter state in Network Firewall. When enabled, the system logs all requests that are dropped due to an ACL match. When disabled, the system does not log. The default is disabled.

Gets the ACL match drop log filter state in Nework Security.

Sets the IP errors log filter state in Network Firewall. When enabled, the system logs all IP errors (eg. IP error checksum). When disabled, the system does not log any IP errors. The default is disabled.

Gets the IP errors log filter state in Nework Security.

Sets the TCP errors log filter state in Network Firewall. When enabled, the system logs all TCP errors (eg. BAD TCP checksum). When disabled, the system does not log any TCP errors. The default is disabled.

Gets the TCP errors log filter state in Nework Security.

Sets the TCP events log filter state in Network Firewall. When enabled, the system logs all TCP connection established and closed events. When disabled, the system does not log any TCP event. The default is disabled.

Gets the TCP events log filter state in Nework Security.

Sets the Network log translation fields filter state in a Logging profile. When enabled, the system logs all translated fields in Network logs. Translated fields include Source Address/Port, Destination Address/Port, IP Protocol, Route Domain, Vlan, Source Address translation reason and Source Address translation Pool. When disabled, the system does not log the translated fields. The default is disabled.

Gets the Network log translation fields state in Logging profile.

Sets the storage format type to field list and sets the fields list in Network Firewall. For consistent configuration, when changing the storage format type to field list one must specify also the fields list. The available storage format types are mentioned under the NetworkStorageFormat enumeration. Please see replace_network_field_list for more information about the field list setting.

Sets the storage format type to user-defined and sets the user-defined string in Network Firewall. For consistent configuration, when changing the storage format type to user-defined one must specify also the user-defined string. The available storage format types are mentioned under the NetworkStorageFormat enumeration. Please see set_network_user_defined_string for more information about every setting.

Gets the storage format type in Network Firewall.

Sets the field-list delimiter of the field-list storage format in Network Firewall. Field delimiter specifies which delimiter the remote machine uses to separate the fields in the logging file. You may not use the % character. The default delimiter is the comma character, for Comma Separated Value (CSV).

Gets the field-list delimiter of the field-list storage format in Network Firewall.

Sets the field format of the storage format in Network Firewall. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Field format specifies which format the remote machine uses for each key/value pair in the logging file. Use %k for key and %v for value. The default format is empty that is interpreted as "%v", for CSV.

Gets the field format of the storage format in Network Firewall.

Gets the list of fields for the field-list storage format in Network Firewall.

Replaces the existing fields of the field-list storage format with new ones in Network Firewall. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Fields specify which traffic items the server logs, and the order in which the server logs them. The server displays the items in the log sequentially from the first to the last one.

Sets the user defined string of the user-defined storage format in Network Firewall. You can use free text between the traffic items enclosed in % on both sides.

Gets the user defined string of the user-defined storage format in Network Firewall.

Sets the log publisher in Network Firewall. The publisher name is the only configuration in this sub-profile that encapsulates all remote logging settings in a generic way. Please see the Publisher interface in the Log module for more information.

Gets the log publisher in Network Firewall.

Gets a list of Protocol (DNS) Security sub-profiles for a list of given logging profiles.

Adds a list of Protocol (DNS) Security sub-profiles to given logging profiles. Note: Only one Protocol (DNS) Security sub-profile can exist per logging profile.

Removes specific Protocol (DNS) Security sub-profiles from the specified logging profiles.

Removes all Protocol (DNS) Security sub-profiles from the specified logging profiles.

Sets the drop log filter state in Protocol (DNS) Security. When enabled, the system logs all DNS requests that are dropped. When disabled, the system does not log. The default is disabled.

Gets the drop log filter state in Protocol (DNS) Security.

Sets the filtered-drop log filter state in Protocol (DNS) Security. When enabled, the system logs all DNS requests that are dropped due to security filtering. When disabled, the system does not log. The default is disabled.

Gets the filtered-drop log filter state in Protocol (DNS) Security.

Sets the malformed log filter state in Protocol (DNS) Security. When enabled, the system logs all DNS requests that are malformed. When disabled, the system does not log. The default is disabled.

Gets the malformed log filter state in Protocol (DNS) Security.

Sets the malicious log filter state in Protocol (DNS) Security. When enabled, the system logs all DNS requests that are malicious. When disabled, the system does not log. The default is disabled.

Gets the malicious log filter state in Protocol (DNS) Security.

Sets the DNS-reject log filter state in Protocol (DNS) Security. When enabled, the system logs all DNS requests that are rejected. When disabled, the system does not log. The default is disabled.

Gets the DNS-reject log filter state in Protocol (DNS) Security.

Sets the storage format type to field list and sets the fields list in Protocol (DNS) Security. For consistent configuration, when changing the storage format type to field list one must specify also the fields list. The available storage format types are mentioned under the DNSStorageFormat enumeration. Please see replace_protocol_dns_field_list for more information about the field list setting.

Sets the storage format type to user-defined and sets the user-defined string in Protocol (DNS) Security. For consistent configuration, when changing the storage format type to user-defined one must specify also the user-defined string. The available storage format types are mentioned under the DNSStorageFormat enumeration. Please see set_protocol_dns_user_defined_string for more information about every setting.

Gets the storage format type in Protocol (DNS) Security.

Sets the field-list delimiter of the field-list storage format in Protocol (DNS) Security. Field delimiter specifies which delimiter the remote machine uses to separate the fields in the logging file. You may not use the % character. The default delimiter is the comma character, for Comma Separated Value (CSV).

Gets the field-list delimiter of the field-list storage format in Protocol (DNS) Security.

Sets the field format of the storage format in Protocol (DNS) Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Field format specifies which format the remote machine uses for each key/value pair in the logging file. Use %k for key and %v for value. The default format is empty that is interpreted as "%v", for CSV.

Gets the field format of the storage format in Protocol (DNS) Security.

Gets the list of fields for the field-list storage format in Protocol (DNS) Security.

Replaces the existing fields of the field-list storage format with new ones in Protocol (DNS) Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Fields specify which traffic items the server logs, and the order in which the server logs them. The server displays the items in the log sequentially from the first to the last one.

Sets the user defined string of the user-defined storage format in Protocol (DNS) Security. You can use free text between the traffic items enclosed in % on both sides.

Gets the user defined string of the user-defined storage format in Protocol (DNS) Security.

Sets the log publisher in Protocol (DNS) Security. The publisher name is the only configuration in this sub-profile that encapsulates all remote logging settings in a generic way. Please see the Publisher interface in the Log module for more information.

Gets the log publisher in Protocol (DNS) Security.

Gets a list of Protocol (Transfer) Security sub-profiles for a list of given logging profiles.

Adds a list of Protocol (Transfer) Security sub-profiles to given logging profiles. Note: Only one Protocol (Transfer) Security sub-profile can exist per logging profile.

Removes specific Protocol (Transfer) Security sub-profiles from the specified logging profiles.

Removes all Protocol (Transfer) Security sub-profiles from the specified logging profiles.

Sets the log publisher in Protocol (Transfer) Security. The publisher name is the only configuration in this sub-profile that encapsulates all remote logging settings in a generic way. Please see the Publisher interface in the Log module for more information.

Gets the log publisher in Protocol (Transfer) Security.

Gets the version information for this interface.

The LogProfile interface enables you to manipulate (security) logging profiles. A logging profile is used to record requests to the virtual server. You may use more than one logging profile per virtual server (see LocalLB::VirtualServer::add_security_log_profile). Logging profile consists of several parts (layers): Application Security, Protocol (Transfer and DNS) Security, Network Firewall and DoS Protection. Each part can be enabled or disabled by means of creating or deleting the corresponding sub-profile. Note that logging profiles with same (or mutually exclusive) parts enabled cannot be associated with one virtual server. In Application Security you can configure where requests to the virtual server are logged, and which part of requests are logged. Requests can be logged either locally by the system and viewed in the Requests screen, or remotely by the client's server. The system forwards the log messages to the client's server using the Syslog service. Note that you cannot modify a system-default logging profile with Application Security enabled. In Protocol (Transfer) Security you can configure the remote server where the system sends the Protocol Security log messages. The settings you configure in this sub-profile apply only to security profiles (HTTP, FTP and SMTP) associated with the same virtual server as the logging profile containing it. Note that Application and Protocol (Transfer) Security are mutually exclusive parts per logging profile and virtual server.