1. Log Retention

The retention period for system logs. Expired logs will be automatically deleted. The unit is days.

Minimum retention period: 30 days; 0 indicates permanent storage.

2. Enhanced Logging

Used to record interception logs from the "Malicious IP Blacklist" and the "Website Protection Blacklist."

Simple Mode: Only one log entry per IP per day is recorded (recommended option).

Full Mode: Logs are recorded for every interception (Note: This is highly likely to generate a substantial number of logs).

3. Log Synchronization

Synchronize log information to a log audit server for real-time log backup.

Synchronization is performed via the SYSLOG protocol (which uses the UDP protocol for communication, with the default port number being 514).

You need to fill in the log audit server information in the format "IP+port," for example: 192.168.1.100:514. Domain names, IPv4, and IPv6 are supported. For multiple server addresses, separate them by line breaks, and the system will send log messages to each one sequentially.

4. Log Alarm

An alarm will be triggered if the disk space occupied by logs exceeds the set threshold. Notifications will be sent once a day to prevent logs from consuming excessive disk space.