Enabling log non-aggregation for single-packet attack events
Log aggregation aggregates multiple logs generated during a period of time and sends one log. Logs that are aggregated must have the following attributes in common:
Attacks are detected on the same interface or destined for the device.
Attack type.
Attack defense action.
Source and destination IP addresses.
VPN instance to which the victim IP address belongs.
As a best practice, do not disable log aggregation. A large number of logs will consume the display resources of the console.
To enable log non-aggregation for single-packet attack events:
Step | Command | Remarks |
---|---|---|
1. Enter system view. | system-view | N/A |
2. Enable log non-aggregation for single-packet attack events. | attack-defense signature log non-aggregate | By default, log non-aggregation is disabled for single-packet attack events. |