"Any from Firebox-00" traffic still logged even if checkbox is unchecked in diagnostic setup


My firewall is sending a lot of "useless" logs to my splunk instance and i tried to remove it without success (to reduce the future needed daily indexed license...).

Any idea of what i could have missed ?




  • Options
    edited July 2021

    NB : setup / logging / Diagnostic log level / "Enable Logging from traffic sent from this device" has been unchecked.

  • Options

    Seems that the second checkbox did the job : "Enable logging for reports for traffic sent from this device (Fireware OS version 11.10.5 and higher)".

  • Options

    remaining question : what is the goal of the first checkbox then ?

  • Options

    Traffic Monitor only - not for reports

Sign In to comment.