We need this information, because we include it in our daily reports, just to see if somebody is only probing (dir...) or tries something else. Is there any switch / parameter that is controlling the recording of context information ? I checked the settings within the .SizWizMenu program, and both maschines are using the same definitions.
There is not a switch in packetd, but there is one for loggerd.
Try looking in loggerd.conf for the token MinContextLevel.
Normally this is set to 2 so level 2 alarms and higher will have their Context logged, but if you accidentally changed this to 5 then your level 4 alarm being generated will not have it's Context information logged in the sensor log file.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...