Log > Categories
1357
SonicOS 5.8.1 Administrator Guide
Log Categories
SonicWALL security appliances provide automatic attack protection against well known
exploits. The majority of these legacy attacks were identified by telltale IP or TCP/UDP
characteristics, and recognition was limited to a set of fixed layer 3 and layer 4 values. As the
breadth and sophistication of attacks evolved, it has become essential to dig deeper into the
traffic, and to develop the sort of adaptability that could keep pace with the new threats.
All SonicWALL security appliances, even those running SonicWALL IPS, continue to recognize
these legacy port and protocol types of attacks. The current behavior on all SonicWALL security
appliances devices is to automatically and holistically prevent these legacy attacks, meaning
that it is not possible to disable prevention of these attacks either individually or globally.
SonicWALL security appliances now include an expanded list of attack categories that can be
logged.
The View Style menu provides the following three log category views:
• All Categories - Displays both Legacy Categories and Expanded Categories.
• Legacy Categories - Displays log categories carried over from earlier SonicWALL log
event categories.
• Expanded Categories - Displays the expanded listing of categories that includes the older
Legacy Categories log events rearranged into the new structure.
The following table describes both the Legacy and
Extended log categories.
Log Type Category Description
802.11 Management Legacy Logs WLAN IEEE 802.11 connections
Advanced Routing Expanded Logs messages related to RIPv2 and OSPF routing events
Anti-Spam Service Extended Logs SonicWALL Anti-Spam service activity
Application Control Extended Logs SonicWALL Application Control events
Application Firewall Extended Logs SonicWALL Application Firewall events
Attacks Legacy Logs messages showing Denial of Service attacks, such as SYN Flood, Ping
of Death, and IP spoofing
Authenticated
Access
Expanded Logs administrator, user, and guest account activity
Blocked Java, etc. Legacy Logs Java, ActiveX, and Cookies blocked by the SonicWALL security
appliance
Blocked Web Sites Legacy Logs Web sites or news groups blocked by the Content Filter List or by
customized filtering
BOOTP Expanded Logs BOOTP activity
Crypto Test Expanded Logs crypto algorithm and hardware testing
DDNS Expanded Logs Dynamic DNS activity
Denied LAN IP Legacy Logs all LAN IP addresses denied by the SonicWALL security appliance
DHCP Client Expanded Logs DHCP client protocol activity
DHCP Relay Expanded Logs DHCP central and remote gateway activity
DHCP Server Extended Logs DHCP server activity
DPI-SSL Extended Logs DPI-SSL events
Dropped ICMP Legacy Logs blocked incoming ICMP packets