Summary
In this chapter, you learned where to find all the different types of log files and how aggregated information can lead to identifying a botnet. You can now perform a packet capture using filters to capture only what you need. You can interpret a session on the firewall and identify key attributes such as the NAT direction, the end reason, and the timeout settings. You can verify whether the firewall has connectivity to all its cloud services and whether an anticipated flow will hit all the intended policies using the troubleshooting tool. You can also perform key tasks such as a factory reset or loading a different configuration file from Maintenance Mode.
If you’re preparing for the PCNSE, troubleshooting is quite an important part. Remember what information can be found in each log file, and specifically memorize which log databases are available. Carefully review the session states and the information contained in session outputs.
In the next chapter, we...
