Firstly, Happy new year to all!!
I noticed on post from sometime ago on live and wondered how I would go about this...
"Remove logging of non user significant traffic like DNS, NetBios, Dynamic Routing protocols, SNMP, ICMP"
Jut trying to fine tune our VM and as Reaper said in another live statement 'DNS is chatty' but for the life of me I cannot figure how to omit DNS traffic from monitor logs.
Or have I missed the point??
D.
Hi Darren, best wishes for 2021! It's actually quite simple: create a new rule for dns, and disable logging This will omit all 'traffic' log but will still pick up on threats Repeat for other applications you don't want filling your firewall log :)
log forwarding for the threats to panorama or syslog will also keep working (just not for traffic log)