More useful firewall logs

Peplink offers firewall rules that can be keyed off a domain name. Yippee for that. But, when such a rule is triggered to generate a log entry, the DST in the log is an IP address making the whole thing pretty useless.

And, for the ninth time, please include the name of the firewall rule in the log. Those of us with many firewall rules are easily confused.

@sitloongs Can you please escalate this request.[quote=“Michael234, topic:45931”]
please include the name of the firewall rule in the log
[/quote]

There were requests by people about this 3 1/2 years ago on here asking Peplink to make the firewall logging more useful. Link Somebody mentioned back then about adding the firewall rules name to the log and even said that it was requested I guess way back in 2016. 8 years ago now!!! I’m generally a very patient person with things, but this is beyond ridiculous that the logging system has been left untouched for this long.

I learned a long time ago when I first got into networking and firewalls 20+ years ago, that one of the most useful tools there was when you had an issue with something and you had to try and troubleshoot and figure it out came from the firewall logs. An easily readable logging system makes all the difference when your trying to look behind the scenes to see whats going on. The current state of Peplinks logging however makes this very difficult to do.

In the short time that I’ve used Peplinks products I would say the logging system has been one of the biggest disappointments to me. It’s such an important part of any router/firewall IMO. I really wish Peplink would see the value in it more and put a lot more attention and time into it to really improve it. It would only elevate their routers/firewall that much more if they did.

Along with this, we also need the ability to add note/comment to firewall rules and address objects. Coming back to some of these later its hard to remember what it was for.

Yes. Yes. Yes. Yes. Yes. Completely agree. Yes.

I agree. The firewall logs are lacking detail. Another functional issue is that I cannot figure out how to export the logs either. I have had to resort to a cut and paste. @sitloongs can you add more detail as requested above and provide export functionality?

Ted

Some very easy quality-of-life improvements:

1. The Firewall Event Log should be formatted in HTML table format, with one column per field. Right now it’s 2 columns (Timestamp, Everything Else).
2. IP addresses and/or Mac addresses should list the client name (if there’s a DHCP client name or one that was manually created)

More advanced features:

• ability to show/hide various columns.
• the firewall rule should be a hyperlink which points back to the actual rule in the UI (e.g. to the actual rule inside Firewall/Access Rules/[rule name]
• there should be a column showing the firewall rule category (Outbound, Inbound, Internal, Intrusion Detection, Local Service…)
• IP addresses and /or MAC addresses could be hyperlinks which head back to the Client List screen. Or they could be hover-over popups that give more useful info.

Interesting list. Of these suggestions, my top priority would be adding the client name. That would really make it easy to eyeball the log.

Great suggestions! I hope the people at Peplink are listening.

i’m experiencing firewall logs not showing up at in incontrol2 but are in the device firewall logs also some logs don’t seem to show at all even when the rule logging is enabled. Anyone run into this issue?

@ADM_Pereira You may see the firewall logs here in Incontrol2. You just have to go to the device level and select ‘Firewall Logs’.

11920×871 86.1 KB

If this is not the case, please open up a ticket here and we can follow up from there.