There are massive logs to be analyzed along with increased cyber security devices. Usually, IAG audit logs need to be sent to a third-party log platform and other devices for unified or personalized log analysis. Sangfor IAG offers a method for realizing the requirements.

Prepare an IAG Internet access audit policy. The Internet access behavior can be audited, and the logs on Internal BI or External BI can be viewed.

Internal BI (i.e., IAG device) or External BI can communicate with the third-party log platform (equipped with a Syslog server or FTP server interface).

Internal BI enables log export function:

• Log in to the IAG device console, click Logs in the upper-right corner, and select Sangfor Business Intelligence to go to the Business Intelligence console.

• Click Log Export in the navigation bar at the top.

• Alternatively, enter the Report Center, and go to System > Settings > Log Export.

• Enter the Log Export page where the log export feature is disabled by default.

• Select Enable log export. A message describing the log export impacts on system performance is prompted.

External BI enables log export function:

• This function is disabled by default in System > Settings > Log Export. Therefore, select Enable log export.

Using the separated business intelligence system to implement the log export function is recommended. In contrast, more device performance will be wasted when the predefined business intelligence system enables this function.