Reviewing system logs

Use the System Logs page for the Network IPS appliance to filter and search the appliance system logs to display and research events.

About this task

Navigating in the Network IPS Local Management Interface: Review Analysis and Diagnostics > Logs > System

Use stream live data to view log files immediately and in a constant scrolling list; however, using this feature might affect bandwidth and performance.

Procedure

  1. In the System Logs Filter area, expand the area to display Filter criteria settings and the Manage views area.
  2. Click Filter time range to focus the search on a specific time period.
  3. In the Search text field, type keywords to filter the event lists.
    Notes:

    For system and firewall logs, the appliance searches files by using approximate string matching. Use this syntax when you type text in the Search text field. For security alerts, the appliance searches files by using approximate string matching for only the Event Name option. You must use exact matches for all other Search text options.

    You can search for more than one keyword by clicking the Plus icon or you can delete keyword searches by clicking the Minus icon.

  4. If you want to save searches, click Save Filter.
    Note: The appliance keeps a default filter of system alerts and saves custom filters. You can delete custom filters but you cannot delete the system alerts default filter.
  5. In the Manage views area, type a name for the search in the Filter tag field and click Save. You can Load or Delete searches based on your needs.
  6. Use Oldest, Older, Newer, and Newest to browse through lists of log files.