If you need to get log files from a D-Link NetDefend UTM Firewall (DFL-260E, DFL-860E, DFL-870, DFL-1660, DFL-2560 or other NetDefend models), you have to use an external SysLog server. It can be some SysLog server for Windows (Kiwi, SysLog Watcher, etc.) or the standard syslogd or rsyslogd for Linux. The general requirements for the SysLog server are its uninterrupted 24/7 operation and ability to access log files at the ProxyInspector end.
You need to enable logging for all Firewall rules. You can do it as follows: Policies | Firewalling | Rules | Main IP Rules:
Turn on Logging switch for each rule that allows external traffic:
D-Link NetDefend UTM Firewalls can send data to multiple SysLog servers. To use this feature, open System | Device | Device | Log and Event Receivers, click the Add button, select Syslog Receiver, specify your SysLog server’s IP address, name, and port, and save it. Currently, D-Link NetDefend UTM Firewalls support SysLog over UDP only. It is recommended that you remove the default Memory Log Receiver to minimize the usage of the built-in CompactFlash memory card, which will reduce the probability of its failure.
You need to specify the log files’ path and mask for ProxyInspector, so that it can access them. Typically, it is a network path to a folder on the SysLog server.