For troubleshooting purposes, including the interface that a packet/URL is going out would be very helpful.
While viewing a live log I would just need the interface, eth0, eth1, br1, etc, added to the line so that I can be sure that my multipathi rules are working.
2010:05:12-07:17:47 proxy httpproxy: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.2" user="" request="0" url="http://somelink.com" INTERFACE="eth1"7 votes
In addition to the "support for multiple remote syslog servers" it would be very nice if one could choose which log files to send to which remote syslog server.
There could be profiles that allow e.g. to only send Content Filter logs to an ARM server but send Packet Filter logs to another alerting system and maybe backup all log files on a third central syslog server.
There is the possibility to choose which log files to send, but not on a per-remote-syslog server level.17 votes
In large logs, is not necessary to search from 00:00:00 to 23:59:59 if I want to search in another hour interval, for example, from 09:00:00 to 12:00:00, and not waste time5 votes
It would be nice to have the possibility to send notifications not only with email and snmp, but also via Feed RSS. In this case admin should set the interfaces/ip address authorized to access to this feeds. It is a non invasive way (such as mail) to notificate important events to admins.4 votes
Add support for storage devices such as iSCSI, so that Astaro can write long term data such as logs, reporting, and quarantine data to storage off of the appliance. this would allow for better recovery in the event of hardware failure.9 votes
When you install a new server, all logs are lost since the logs remain at the old server.11 votes
Add the ability to globally search all logs for matching strings from a single entry box for a specified date/time range.50 votes
This feature is planned for the UTM 9.2 release later in 2013. Stay tuned.
- Don't see your idea?