Enabling log non-aggregation for single-packet attack events
About log non-aggregation
Log aggregation aggregates multiple logs generated during a period of time and sends one log. Logs that are aggregated must have the following attributes in common:
Attacks are detected on the same interface or security zone or are destined for the device.
Attack type.
Attack defense action.
Source and destination IP addresses.
VPN instance to which the victim IP address belongs.
Restrictions and guidelines
As a best practice, do not disable log aggregation. A large number of logs will consume the display resources of the console.
Procedure
Enter system view.
system-view
Enable log non-aggregation for single-packet attack events.
attack-defense signature log non-aggregate
By default, log non-aggregation is disabled for single-packet attack events.