Datto Networking Appliance (DNA): Recent Events (Logs)

Follow

Topic

This article describes the Recent Events card of the Datto Networking Appliance's (DNA) GUI. 

Environment

  • Datto Networking Appliance (DNA)

Description

The Recent Events card shows recent system events, Intrusion Detection and Prevention (IDP), and web filter activity on your Datto appliance.

To access the Recent Events card, log into the DNA web interface, and click Status, as shown in Figure 1.

Figure 1: Status

You will see the Recent Events card displayed at the bottom of the page. The Recent Event card contains three tabs:

System

The System tab captures system events, such as the WAN and LTE interfaces going up and down, the appliance's firmware status, and the system boot time.

Figure 2: Recent Events - System tab (click to enlarge)

IDP

The IDP tab displays a history of your Datto appliance's Snort Network Intrusion Detection & Prevention deep packet inspection log activity. As packets enter the network, the DNA inspects each of them for potential malicious activity, and filters them if it detects that they may be harmful.

Figure 3: System Events - IDP tab (click to enlarge)

IDP event logs display under the following format for each entry:

  • Event Time: This column displays the timestamp of the IDP event.
  • Type: This column displays the SNORT ID (SID) of the event; clicking the SID will direct you to SNORT's documentation detailing the event.
  • Rule Description: This column displays a brief description of the rule triggered by the event.
  • Classification: This column displays the classification, or behavior of the event. For example, SNORT classifying an event as potentially bad traffic, or as an attempted information leak.
  • Source: This column displays the source IP address of the event.
  • Destination: This column displays the destination IP address of the event.

 

Web Filters

The Web Filters tab lists web access requests to sites blocked by the DNA's web filtering technology. The logs show the time the device received the request, the address requested, and the IP address sending the request.

Figure 4: Recent Events - Web Filters tab (click to enlarge)


Was this article helpful?

0 out of 0 found this helpful

You must sign in before voting on this article.

Want to talk about it? Head on over to our Community Forum!