Tracking Unlogged Rules

By default TOS uses NSX Audit Log to monitor DFW modifications, however modification to rules that are marked non-logged (for example, Service Composer rules) are not published to audit log. If any rules in the monitored NSX are marked with no-log, follow the steps below in order to track any modification in SecureTrack.

Log Service Composer rule changes:

We recommend that you backup the stconf table prior to making any changes.

  1. In the browser address bar, after the IP address, add: /stcgitest.htm
  2. Click Edit StConf.
  3. Click Fetch StConf.
  4. Change the value of the read_audit_logs tag for nsx to 0.

    <nsx>                                                                                                                       

        <read_audit_logs>0</read_audit_logs>

    </nsx>

  5. Click Submit New Conf.