Server Log Filters Management

Server Log Filters are used for filtering information in the Server Log Entry List based on time and date of Log Event occurrence, Log Event type and for limiting maximum number of Log Events to be retrieved from the LANProtector Server at once.

Time Span

From filter when turned ON will limit Server Log Entries retrieval to only those which occurred after the specified date and time. This filter is OFF by default meaning there is no lower time/date span limit when retrieving Server Log Entries from the Server.

To filter when turned ON will limit Server Log Entries retrieval to only those which occurred before the specified date and time. This filter is OFF by default meaning there is no upper time/date span limit when retrieving Server Log Entries from the Server.

Turning both From and To filters ON and specifying a date span will ensure retrieval of only those Server Log Entries which occurred during that time/date span.

Limit Log Entry Count

Maximum Number of Log Entries to Retrieve specifies the maximum number of Server Log Entries to retrieve. As Server Log Entries are retrieved the newest ones first, this filter will limit the retrieval to the latest N Log Entries. The purpose of this filter is to speed up the Log Entries retrieval from the Server as this may take more than few seconds when Server Event Log is full or when retrieving the Log Entries over a limited bandwidth network. Value can range between 1 and 100000, the default value being 1000.

Log Message Types

There are 12 LANProtector Server Log Entry types:
            1. General: unclassified Entry type, usually information written by the Operating System itself about the LANProtector Server Service behavior
            2. Network Engine: messages written by the underlying LANProtector networking engine about Network Adapter operations
            3. Remote Access Connect: established connections with the Server from a Manager application, identifying the Manager authenticated computer and user name
            4. Remote Access Disconnect: closed connections with the Server from a Manager application, identifying the Manager authenticated computer and user name
            5. Server Activated: successful LANProtector Server activation message
            6. Server Deactivated: successful LANProtector Server deactivation message or unsuccessful activation message caused by missing Project on the Server or missing or invalid Server license
            7. Packet Accepted: audited and allowed network node packages specifying Ruleset name which allowed the package and source -> destination IPv4 and MAC addresses
            8. Packet Denied: audited and denied network node packages specifying Ruleset name which denied the package and source -> destination IPv4 and MAC addresses
            9. Network Node Blocked: usually written after the Packet Denied Log Entries, specify legal ARP spoofing or network node blocking network injected packages source -> destination IPv4 and MAC addresses
            10. Error: any error messages or non-critical exception messages which happened on the Server
            11. Service Message: informative LANProtector Server startup messages or Server license expiration messages
            12. Project Changed: informative messages about Project being loaded into the Server specifying the Project name

Buttons

Default button will reset all filters to their default values.

Server Log Filters Details

After modifying the Server Log Filters and accepting changes using OK button, the new Filters will not be automatically applied to the Server Log. In order to apply the new Filters, use the Refresh Server Log Toolbar or context menu command or keyboard F5.