If we have an external log server, we can point our Security Management Server logs to that server so it's saved there too.
This can be used to research alerts, rejected connections, failed authentication attempts, analyze traffic patterns, and meet compliance requirements (government)
Export
The logs on the Security Gateway can also be exported and then imported into a SIEM or a dedicated log server
Track Options
Alert Options
Per Connection
Every single conversation / connection
More logs
Per Session
Puts a bunch of connections into one object
Less logs
Log
Queries
The SmartConsole usually displays the first top 50 queries in the default log menu. Predefined queries exist however, custom queries can be made
