Phone Lines icon GFI Support Home Sign in
Start a conversation
  1. GFI Support
  2. GFI Support - Logging
  3. Articles

Host Logs In Kerio Control

Overview

Logs keep information records of selected events that occurred in or detected by Kerio Control. This article explains the Host Logs and how it is analyzed. This log gives you information on who, when and which addresses and machines access the Kerio Control network.

Reference Information

Host logs report the activities being done by hosts, servers, and users.

The following shows examples of Host Logs:

User registration

Sample

[02/Mar/2014 13:36:49] [IPv4] 192.168.40.131 [MAC] 00-10-18-a1-c1-de (Apple) - Host registered

[02/Mar/2014 13:37:56] [IPv4] 192.168.40.131 [MAC] 00-10-18-a1-c1-de (Apple) [User] jsmith@company.com - User logged in

[02/Mar/2014 16:48:52] [IPv4] 192.168.40.131 [MAC] 00-10-18-a1-c1-de (Apple) - User jsmith@company.com logged out

[02/Mar/2014 16:48:52] [IPv4] 192.168.40.131 [MAC] 00-10-18-a1-c1-de (Apple) - Host removed

Syntax

  • [02/Mar/2014 13:36:49] — The date and time when the action happened.
  • [IPv4] 192.168.40.131 — The IPv4 address of the client host
  • [MAC] 00-10-18-a1-c1-de (Apple) — MAC address of the host. If the MAC address is not displayed, Kerio Control is not able to see the MAC address of the host.
  • jsmith@company.com —The username authenticated through the firewall


IP address released from DHCP

Sample

[04/Mar/2014 12:07:28] [IPv4] 10.10.30.81 [MAC] 00-0c-29-1d-cc-bd (Apple) [Hostname]

Syntax

  • jsmith-cp - The IP address leased from DHCP
  • [04/Mar/2014 12:07:28] — The date and time when the action happened.
  • [IPv4] 10.10.30.81 — The IPv4 address of the client host
  • [MAC] 00-0c-29-1d-cc-bd (Apple) — The MAC address of the host. If the MAC address is not displayed, Kerio Control is not able to see the MAC address of the host.
  • [Hostname] jsmith-cp — The computer hostname

Registering and removing an IPv6 address

IPv6 addresses are changed in time by the operating system of the host. 

Sample

[04/Mar/2014 16:05:28] [IPv4] 10.10.30.81 [IPv6] 2001:718:1803:3513:b4c6:82b3:e0f5:309e [MAC] 00-0c-29-1d-cc-bd (Apple) [Hostname] jsmith-cp - IPv6 address 2001:718:1803:3513:b4c6:82b3:e0f5:309e registered

[04/Mar/2014 16:23:25] [IPv4] 10.10.30.81 [MAC] 00-0c-29-1d-cc-bd (Apple) [Hostname] jsmith-cp - IPv6 address 2001:718:1803:3513:b4c6:82b3:e0f5:309e removed

Syntax

  • [04/Mar/2014 16:05:28] — The date and time when the action happened.
  • [IPv4] 10.10.30.81 — The IPv4 address of the client host
  • [IPv6] 2001:718:1803:3513:b4c6:82b3:e0f5:309e — The IPv6 address of the client host
  • [MAC] 00-0c-29-1d-cc-bd (Apple) — The MAC address of the host. If the MAC address is not displayed, Kerio Control is not able to see the MAC address of the host.
  • [Hostname] jsmith-cp — The computer hostname

 

Choose files or drag and drop files
Was this article helpful?
Yes
No

  1. Priyanka Bhotika

  2. Posted

Comments