Importing Log Files

 

The Import Log Files link lets you import a log file from the local machine or remotely, through FTP. The Imported Log Files page shows you the list of log files imported, along with details such as the host from which it was imported, and the status of the import. Importing of archived files (.gz format) created by Firewall Analyzer and zipped log files (.zip format) are also supported.

 

Tip Use this option to import log files from squid proxy servers.

 

Click the delete icon to delete an imported log file from the database.

Importing a Log File

  1. Click the Import Log File link to import a new log file.
  2. Choose Local Host if the log file is present in the local machine from which you are accessing the Firewall Analyzer server. Click Choose File to select the log file.
  3. The option Ignore UnParsed/Junk Record(s) enables the Firewall Analyzer to skip those records in the imported log file, that are in unsupported format and continue with parsing the subsequent supported records in the file. If not selected, the Firewall Analyzer will not parse the entire log file even if one record contains unsupported log format. Then click Import to import the log file into the database.
  4. Choose Remote Host if you need to import the particular log file or the entire directory containing the log files from a remote location on the network.
    1. Enter the remote host's HostName or IP address in the Remote HostName/IP text box, and the FTP user name and password in the Remote Username and Remote Password text boxes.
    2. Enter the Time Interval (Scheduling time in Minutes) after which Firewall Analyzer should retrieve new log files.
    3. Select the Ignore UnParsed/Junk Record(s) option as per requirement.
    4. Enter the location on the remote machine where the log file or the entire directory containing the log files is present in the Location text box. You can click the List Files/Directories link to locate the file on the remote computer.
    5. Select the Change filename dynamically option, if you want to import the log files which change their names dynamically.
    6. Select the date and/or time file name pattern from the Filename pattern: combo box or add a new pattern using the Blue Cross icon.
  5. Finally click Import to import the log file into the database.
Note

Local Host:

Log records imported from local host. Protocol: HTTP, Max File Size: 1 GB

Remote Host:

Log records imported from remote host. Protocol: FTP, Max File Size: 2 GB

 

Note If you have selected the Ignore UnParsed/Junk Record(s) while importing the logs, the records will not be shown when the unsupported icon is clicked on the sub tab.

 

Note Microsoft ISA Proxy creates log file with new name (with time stamp appended) everyday. If the Microsoft ISA Proxy log files are to be imported, you do not have to change the filename daily, instead select the Change filename dynamically option while importing the logs. Selecting the option displays the the Filename pattern: text box to enter the time stamp pattern that the Proxy server appends when the Proxy server creates the log file daily. A help tip icon displays, (when you hover the mouse on the icon) the mapping of the Timestamp in Filename to the Pattern to be given. Enter the pattern as required.

 

The supported formats for imported log files is shown below the Location box. We also support importing of archived files (.gz format) created by our Firewall Analyzer.

If you are importing an unsupported log file, a warning message is shown. You can still import the file, but records will show up when the unsupported icon is clicked on the sub tab.

 

 

The time taken to import a log file depends on its file size. Once the file has been imported successfully, the device from which it was imported is listed in the appropriate category, and the reports are generated automatically.

 

The Imported Log Files table shows the list of all log files imported so far. In this list, the latest imported log file will appear on the top.

The list contains the following columns:

 

Column Head Description
File Name Name of the imported log file. Click on the Error in displaying log message icon to know the details of errors while importing the log files.
Remote Host Remote Host from where the log file has been imported.
Protocol HTTP for local host and FTP for remote host.

Status

Indicates the status of file import. Various status are listed below.

Imported Time The time stamp at which the log file was imported.
Size The size of the imported log file.
Time Taken The time taken to import the log file.
Action No action for log files imported from local hosts and enable or disable collecting logs from the device (using enable toggle icon) at specific time interval for remote hosts.

 

The number of imported log files listed per page can be selected in View per page: list (5, 10, 20. 50, 100). HTTP is displayed in the Protocol column, if logs have been imported from the local machine. FTP is displayed in the Protocol column, if logs have been imported from a remote machine. Click the FTP link to see the remote host details and file details for the log file imported. Click the enable toggle icon in the Action column to enable or disable collecting logs from this device after the specified time interval. Select the check box(es) of imported log file(s) to be deleted (there is a separate check box for each imported file) and click the delete icon to delete all log files imported from this device.

 

Status of File Import

Copyright © 2011, ZOHO Corp. All Rights Reserved.
ManageEngine