FortiAnalyzer Version 3.0 MR7 Administration Guide
102
05-30007-0082-20080908
Searching the logs
Log
Device/Group
Select to search logs from the FortiAnalyzer unit (LocalLogs), a device, or a device group.
Date
Select to search logs from a time frame, or select Specify and define a custom time frame by selecting the From and To dates and times.
From
Enter the date and select the time of the beginning of the custom time range. This option appears only when Date is Specify.
To
Enter the date and select the time of the end of the custom time range. This option appears only when Date is Specify.
Keyword(s)
Enter the search terms to match against log messages. To specify that results must include all, any, or none of the keywords, select these options in Match.
Quick Search
Select to perform a Quick Search. Keywords for a Quick Search cannot contain special characters. Quick Search examines only indexed fields.
Full Search
Select to perform a Full Search. Keywords for a Full Search may contain special characters. Full Search examines all log message fields.
More Options
Select the blue arrow to hide or expand additional search options.
Match
Select how keywords are used to match the log messages that make up the search results.
• All Words: Select to require that matching log messages contain all search keywords. If a log message does not contain one or more keywords, it will not be included in the search results.
• Any Words: Select to require that matching log messages contain at least one of the search keywords. Any log message containing one or more keyword matches will be included in the search results.
• Does Not Contain the Words: Select to require that matching log messages do not contain the search keywords. If a log message contains any of the search keywords, it will be excluded from the search results.
Other Filters
Specify additional criteria, if any, to further restrict the search.
• Log Type: Select to include only log messages of the specified type. For example, selecting Traffic would cause search results to include only log messages containing type=traffic.
• Log Severity: Select to include only log messages of the specified severity. For example, selecting Notice would cause search results to include only log messages containing pri=notice.
• Source IP: Enter an IP address to include only log messages containing a matching source IP address. For example, entering 192.168.2.1 would cause search results to include only log messages containing src=192.168.2.1 and/or content log messages containing a client IP address of 192.168.2.1.