The Archived Files page lists the files that have been archived for devices Collector Server wise, along with options to load the file to view the report and search. Firewall Analyzer Collector Server archives the logs received from each device (which it monitors), and zips them in regular intervals.
Select the Collector: combo box lists all the Collector servers registered with this Admin server. Select the Collector server as per your requirement.
The Archived Files page lists the zipped files for each device, along with the archived time, file size, and archiving status.
The list contains the following columns:
To load an archived file for search, click the Load to Search link against the device for which you need to see archived data. Once the file is fully loaded, you can search for data in the archives, and view specific information.
Once the archive is fully loaded, click the Report link to search for specific data in the archive. In the Raw Log Search popup window that opens, enter the criteria for the data, such as the firewall, user name, protocol, etc. Choose traffic logs or security logs, the time interval for which you want to see the data that meets all or any of the criteria. Click Search to view the records that match the criteria that you have specified.
The Search Result screen displays Device Name, Defined Criteria, Searched From (Traffic Logs or Security Logs) details on the top left side. You have the Edit Search Criteria link on the top right side.
In the Search Result Between <Selected Time Interval>, you can view the Formatted Logs or Raw Logs by selecting the respective tabs.
You can configure the columns of the Search Result table. You can also select View per page to select the number of log entries to be displayed in a single page.