Which logs are not transmitted in forwarding log mode?

In forwarding log mode, the logs that are not transmitted are the content files, which include DLP (Data Loss Prevention) and antivirus quarantine logs. This is because forwarding log mode is designed to transmit standardized log entries that provide a clear and concise record of network events.

Content files, such as those related to DLP and antivirus quarantines, typically involve larger, complex data sets that contain detailed information about specific events and transactions. These files often require different handling and storage methods, rather than being forwarded in the same way as standard logs.

Consequently, firewalls and traffic logs, system event logs, and application logs are transmitted in forwarding log mode as they represent essential operational insights and security events that are crucial for monitoring and analysis. This standard practice ensures that administrators receive timely and actionable alerts without the overhead of transmitting larger content files that are not suited for forwarding in this manner.