Enable logging by message ID?
Firebox T70 v12.4.1.B595401
Sending firewall logs to external application. Firewall logs being sent are with log ID 3000-0148 for packet filter, but do not include bytes sent and received for the session. According to the log catalog, log ID 3000-0151 includes these fields though I do not see a way to turn on logging for this ID. Is there a way to enable which logs are forwarded to a destination based upon log ID?
Things we have tried/looked into:
- Looked into the following on management server: https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/fsm/enable_notification_messages_wsm.html - it does provide us the ability to select messages by ID, though the desired ID 3000-0151 is not present, nor are the log IDs of the logs which are actually being sent, e.g., 3000-0148, 2CFF-0000.
- We do get bytes sent and received from the various proxy logs (e.g., http(s), ftp, dns, etc.) though we need this for basic firewall policies, too, to cover all bases outside of these services.
In short, log ID 3000-0151 exists, how can we enable it so it is included in the feed we forward to an external application?