Network Analyzer
Searching the Network Analyzer logs
FortiAnalyzer Version 3.0 MR7 Administration Guide
05-30007-0082-20080908
• You can search for IP ranges, including subnets. For example:
  • 172.168.1.1/24 or 172.168.1.1/255.255.255.0 matches all IP addresses in the subnet 172.168.1.1/255.255.255.0
  • 172.168.1.1-140.255 matches all IP addresses from 172.168.1.1 to 172.168.140.255
• The search returns results that match all of the search terms.
For example, consider two similar keyword entries: 172.20.120.127 tcp and 172.20.120.127 udp. If you enter the keywords 172.20.120.127 tcp, UDP traffic would not be included in the search results, since although the first keyword (the IP address) matches, the second keyword, tcp, does not match.
• The search returns results that match all, any, or none of the search terms,
according to the option you select in Match.
For example, if you enter into Keyword(s):
172.20.120.127 tcp
and if from Match you select All Words, log messages for UDP traffic to
172.20.120.127 do not appear in the search results, since although the first
keyword (the IP address) appears in log messages, the second keyword (the
protocol) does not match UDP log messages, and so the match fails for UDP
log messages. If the match fails, the log message is not included in the search
results.
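The matching rules described above, sketched as an added Python example for filtering downloaded log lines offline. It is not FortiAnalyzer code: the function names, the mode names all/any/none, the substring matching of non-IP keywords, and the sample log lines are assumptions constructed for illustration.

```python
import ipaddress
import re

IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

# Constructed sample log lines (not real FortiAnalyzer output).
SAMPLE = [
    "src=10.0.0.5 dst=172.20.120.127 proto=tcp dport=443",
    "src=10.0.0.6 dst=172.20.120.127 proto=udp dport=53",
    "src=172.168.1.77 dst=10.0.0.9 proto=tcp dport=22",
    "src=172.168.141.3 dst=10.0.0.9 proto=udp dport=123",
]

def parse_term(term):
    """Return inclusive (low, high) integer bounds for an IP term, else None."""
    try:
        if "/" in term:  # 172.168.1.1/24 or 172.168.1.1/255.255.255.0
            net = ipaddress.IPv4Network(term, strict=False)
            return int(net.network_address), int(net.broadcast_address)
        if "-" in term:  # 172.168.1.1-140.255: end replaces trailing octets
            start, end = term.split("-", 1)
            tail = end.split(".")
            full_end = ".".join(start.split(".")[:4 - len(tail)] + tail)
            return int(ipaddress.IPv4Address(start)), int(ipaddress.IPv4Address(full_end))
        addr = int(ipaddress.IPv4Address(term))
        return addr, addr
    except ValueError:
        return None  # plain keyword such as "tcp"

def term_matches(term, line):
    bounds = parse_term(term)
    if bounds is None:  # assumption: case-insensitive substring match
        return term.lower() in line.lower()
    for text in IPV4.findall(line):
        try:
            if bounds[0] <= int(ipaddress.IPv4Address(text)) <= bounds[1]:
                return True
        except ValueError:  # e.g. 999.1.1.1 is not a valid address
            continue
    return False

def search(lines, keywords, match="all"):
    """match: 'all', 'any' or 'none' (hypothetical names for the Match option)."""
    pick = {"all": all, "any": any, "none": lambda hits: not any(hits)}[match]
    terms = keywords.split()
    return [ln for ln in lines if pick([term_matches(t, ln) for t in terms])]

if __name__ == "__main__":
    for mode in ("all", "any", "none"):
        print(mode, search(SAMPLE, "172.20.120.127 tcp", mode))
```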
Printing the search results
After completing a search, a Printable Version button appears, allowing you to
download a printable HTML copy of the search results.
Select the Printable Version button to download the results. You can print this file,
save it to your computer for later use, or email it.
Downloading the search results
The FortiAnalyzer unit enables you to download the results of a search.
After completing a search, a Download Current View button appears. Select the
button to download the results.
Search results can be saved in comma-separated value (.csv) format or in standard log (.log) format.
To download log search results
1 Go to Tools > Network Analyzer > Search.
2 Perform a search using either basic or advanced search.
If your search finds one or more matching log events, a Download Current View button appears next to the Printable Version button.
3 Select Download Current View.
Options appear for the download’s file format and compression.
Note: Large logs require more time to download. Download times can be improved by selecting Compress with gzip.