4 Replies Latest reply on Nov 18, 2016 1:29 PM by flora10

    MWG 7.6.2 log problem

    flora10

      Hello all,

       

      I have a big logging problem.

      The MWG does the logging, BUT i have no value, therefore i have nothing in the      Troubleshooting / log files / "access.log"

       

      - Log Handler setting are default.

      - Rules are default.

      - Access_denied.log works fine! (uses the similar default settings, so i don't know why not working the "normal" access.log)

       

      Uploaded screenshots, to help you identify my problem.

       

      Thanks!

       

       

      Problem: NO VALUE

       

      problem.PNG

       

       

      No value means NOTHING in the log. (problem warning: file low size)

       

      My main problem:

       

      problem3.PNG

       

      Settings are default in:

      - Log Handler

      - Rule Sets

      - etc..

       

      problem2.PNG

       

       

       

      Thanks for helping me.

        • 1. Re: MWG 7.6.2 log problem
          Jon Scholten

          Hi Flora,

           

          You're writing the log data to a different property than whats going to the log file.

           

          You're writing the log data to User-Defined.X-Incident-Appliance-Name, but your writing User-Defined.logline to the actual log file.

           

          Change the "set" to User-Defined.logline instead of  User-Defined.X-Incident-Appliance-Name.


          Best Regards,

           

           

          Jon

          1 of 1 people found this helpful
          • 2. Re: MWG 7.6.2 log problem
            flora10

            Thank you Jon. I made the change.

             

            When i made it, there was 3 inconsistent error. I had to delete 3 lines in the "Event" to make it work.

             

             

             

            Why i had to delete these 3 in order to make it work (the edit finish button was grayed out)  ??

            List.OfCategory.ToString (URL.Categories)

            String.ReplaceIfEquals (URL.ReputationString)

            List.OfString.ToString (Antimalware,. VirusName)

            • 3. Re: MWG 7.6.2 log problem
              Jon Scholten

              Hi Flora,

               

              You shouldnt have had to delete those items in the event. Perhaps you just needed to reference settings for those?

               

              You can reference "Most recently used setting".

               

              I would suggest importing the access log ruleset in from the library again as your logging will be missing critical information without those things.

               

              Best Regards,

              Jon

              1 of 1 people found this helpful
              • 4. Re: MWG 7.6.2 log problem
                flora10

                Thats a good idea, i should have thought about it...

                 

                Thank you.