Phone Lines icon GFI Support Home

Articles in this section

See more

Host Logs In Kerio Control

Author: Hewertton Francis Proença de Avelar

Overview

Logs keep information records of selected events that occurred in or detected by Kerio Control. This article explains the Host Logs and how it is analyzed. This log gives you information on who, when and which addresses and machines access the Kerio Control network.

Reference Information

Host logs report the activities being done by hosts, servers, and users.

The following shows examples of Host Logs:

User registration

Sample

[02/Mar/2014 13:36:49] [IPv4] 192.168.40.131 [MAC] 00-10-18-a1-c1-de (Apple) - Host registered

[02/Mar/2014 13:37:56] [IPv4] 192.168.40.131 [MAC] 00-10-18-a1-c1-de (Apple) [User] jsmith@company.com - User logged in

[02/Mar/2014 16:48:52] [IPv4] 192.168.40.131 [MAC] 00-10-18-a1-c1-de (Apple) - User jsmith@company.com logged out

[02/Mar/2014 16:48:52] [IPv4] 192.168.40.131 [MAC] 00-10-18-a1-c1-de (Apple) - Host removed

Syntax

  • [02/Mar/2014 13:36:49] — The date and time when the action happened.
  • [IPv4] 192.168.40.131 — The IPv4 address of the client host
  • [MAC] 00-10-18-a1-c1-de (Apple) — MAC address of the host. If the MAC address is not displayed, Kerio Control is not able to see the MAC address of the host.
  • jsmith@company.com —The username authenticated through the firewall


IP address released from DHCP

Sample

[04/Mar/2014 12:07:28] [IPv4] 10.10.30.81 [MAC] 00-0c-29-1d-cc-bd (Apple) [Hostname]

Syntax

  • jsmith-cp - The IP address leased from DHCP
  • [04/Mar/2014 12:07:28] — The date and time when the action happened.
  • [IPv4] 10.10.30.81 — The IPv4 address of the client host
  • [MAC] 00-0c-29-1d-cc-bd (Apple) — The MAC address of the host. If the MAC address is not displayed, Kerio Control is not able to see the MAC address of the host.
  • [Hostname] jsmith-cp — The computer hostname

Registering and removing an IPv6 address

IPv6 addresses are changed in time by the operating system of the host. 

Sample

[04/Mar/2014 16:05:28] [IPv4] 10.10.30.81 [IPv6] 2001:718:1803:3513:b4c6:82b3:e0f5:309e [MAC] 00-0c-29-1d-cc-bd (Apple) [Hostname] jsmith-cp - IPv6 address 2001:718:1803:3513:b4c6:82b3:e0f5:309e registered

[04/Mar/2014 16:23:25] [IPv4] 10.10.30.81 [MAC] 00-0c-29-1d-cc-bd (Apple) [Hostname] jsmith-cp - IPv6 address 2001:718:1803:3513:b4c6:82b3:e0f5:309e removed

Syntax

  • [04/Mar/2014 16:05:28] — The date and time when the action happened.
  • [IPv4] 10.10.30.81 — The IPv4 address of the client host
  • [IPv6] 2001:718:1803:3513:b4c6:82b3:e0f5:309e — The IPv6 address of the client host
  • [MAC] 00-0c-29-1d-cc-bd (Apple) — The MAC address of the host. If the MAC address is not displayed, Kerio Control is not able to see the MAC address of the host.
  • [Hostname] jsmith-cp — The computer hostname

 

Related articles