Archiving Log Files
The Archived Files page lists the files that have been archived for each device, grouped by Collector Server, along with options to load a file to view its report and to search it. The Firewall Analyzer Collector Server archives the logs received from each device that it monitors and zips them at regular intervals.
The Select the Collector: combo box lists all the Collector servers registered with this Admin server. Select the Collector server that you require.
The Archived Files page lists the zipped files for each device, along with the archived time, file size, and archiving status.
The list contains the following columns:
- Device
- FileName
- StartTime
- ArchivedTime
- FileSize
- Status
- Action
Loading Archived Files
To load an archived file for search, click the Load to Search link against the device for which you need to see archived data. Once the file is fully loaded, you can search for data in the archives and view specific information.
Viewing Data from Archived Files
Once the archive is fully loaded, click the Report link to search for specific data in the archive. In the Raw Log Search popup window that opens, enter the criteria for the data, such as the firewall, user name, protocol, etc. Choose traffic logs or security logs, and the time interval for which you want to see the data that meets all or any of the criteria. Click Search to view the records that match the criteria that you have specified.
The Search Result screen displays the Device Name, Defined Criteria, and Searched From (Traffic Logs or Security Logs) details on the top left side. The Edit Search Criteria link is on the top right side.
Under Search Result Between <Selected Time Interval>, you can view the Formatted Logs or Raw Logs by selecting the respective tabs.
You can configure the columns of the Search Result table. You can also use View per page to select the number of log entries to be displayed on a single page.