Hello,
I have a 3D 8140 device that is implemented inline between the customer's LAN and Data Center. My customer is required to log everything that goes on in the network for 30 days. I did that by creating a rule in the Access Policy to monitor all traffic and send it to syslog. Unfortunately, it resulted in 115 million syslog messages in a period of 24h. The thing is, 99% of that falls to DNS queries towards Domain Controllers. Is there a way to exclude those connections from being logged in any way, since I do have the destination IP, protocol and port?
It is disabled ATM since it is killing my syslog device.
I am configuring the device through vFMC 6.4.0.7.