[logs] Checkpoint Firewall rulebase - logs
Mordechai T. Abzug
morty at frakir.org
Mon Aug 13 08:50:09 PDT 2007
On Mon, Aug 13, 2007 at 08:33:33AM -0700, tbird at precision-guesswork.com wrote:
> Chris Brenton first pointed out to me the usefulness of naming
> "things" in such a way to make your log management and reporting
> easier, whether by embedding service names the way James describes; or
> naming devices in a systematic way to simplify keeping track of what
> they do.
I do this, too. Not just because it makes log analysis easier, but
also because sometimes "things" get renamed or changed, which means
that either your firewall rulebase gets out of sync (if it doesn't
automatically learn the change) or it says something you did not
directly review (if it does automatically learn the change.)
- Morty
More information about the LogAnalysis
mailing list