Blue Coat Systems SG Appliance manual: Viewing the Event Log Contents

Chapter 2: Monitoring the SG Appliance

Syslog notification: disabled

Syslog facility: daemon

Event recipients:

SMTP gateway: mail.heartbeat.bluecoat.com

Viewing the Event Log Contents

Again, you can view the event log contents from the show command or from the event-log configuration mode.

The syntax for viewing the event log contents is:

SGOS# show event-log

-or-

SGOS# (config event-log) view

[start [YYYY-mm-dd] [HH:MM:SS]] [end [YYYY-mm-dd] [HH:MM:SS]] [regex regex | substring string]

Pressing <Enter> shows the entire event log without filters.

The order of the filters is unimportant. If start is omitted, the start of the recorded event log is used. If end is omitted, the end of the recorded event log is used.

If the date is omitted in either start or end, it must be omitted in the other one (that is, if you supply just times, you must supply just times for both start and end, and all times refer to today). The time is interpreted in the current timezone of the appliance.

Understanding the Time Filter

The entire event log can be displayed, or either a starting date/time or ending date/time can be specified. A date/time value is specified using the notation ([YYYY-MM-DD] [HH:MM:SS]). Parts of this string can be omitted as follows:

If the date is omitted, today's date is used.

If the time is omitted for the starting time, it is 00:00:00.

If the time is omitted for the ending time, it is 23:59:59.

At least one of the date or the time must be provided. The date/time range is inclusive: events that occur exactly at the start time or exactly at the end time are included.

Note: If the notation includes a space, such as between the start date and the start time, the argument in the CLI should be quoted.

Understanding the Regex and Substring Filters

A regular expression can be supplied, and only event log records that match the regular expression are considered for display. The regular expression is applied to the text of the event log record not including the date and time. It is case-sensitive and not anchored.

You should quote the regular expression.

Since regular expressions can be difficult to write properly, you can use a substring filter instead to search the text of the event log record, not including the date and time. The search is case-sensitive.

Regular expressions use the standard regular expression syntax as defined by policy. If both regex and substring are omitted, then all records are assumed to match.
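The filter rules above can be checked offline against exported log text before relying on them during an investigation. The following is an added example, not code from the manual or from Blue Coat: the function names, the record layout (a 19-character timestamp, a space, then the text) and the sample records are assumptions, and Python's re module stands in for the appliance's regular expression engine.

```python
import re
from datetime import date, datetime, time

def resolve_bound(value, is_end, today):
    """Expand '[YYYY-MM-DD] [HH:MM:SS]' using the manual's defaults."""
    day = clock = None
    for part in value.split():
        if "-" in part:
            day = datetime.strptime(part, "%Y-%m-%d").date()
        else:
            clock = datetime.strptime(part, "%H:%M:%S").time()
    if day is None and clock is None:
        raise ValueError("at least one of date or time must be provided")
    if clock is None:  # 00:00:00 for start, 23:59:59 for end
        clock = time(23, 59, 59) if is_end else time(0, 0, 0)
    return datetime.combine(day or today, clock)

def view_event_log(records, start=None, end=None, regex=None,
                   substring=None, today=None):
    """Hypothetical offline model of the view filters (not SGOS code)."""
    today = today or date.today()
    if start and end and ("-" in start) != ("-" in end):
        raise ValueError("omit the date in both start and end, or in neither")
    lo = resolve_bound(start, False, today) if start else None
    hi = resolve_bound(end, True, today) if end else None
    pattern = re.compile(regex) if regex else None  # case-sensitive
    shown = []
    for line in records:
        # Assumed layout: 19-character timestamp, one space, then the text.
        stamp = datetime.strptime(line[:19], "%Y-%m-%d %H:%M:%S")
        text = line[20:]  # filters never see the date and time
        if (lo and stamp < lo) or (hi and stamp > hi):
            continue  # range is inclusive at both ends
        if pattern and not pattern.search(text):  # search() = not anchored
            continue
        if substring and substring not in text:
            continue
        shown.append(line)
    return shown

# Constructed sample records; the real event log layout may differ.
SAMPLE = [
    "2007-03-01 08:59:59 Snapshot job started",
    "2007-03-01 09:00:00 Access Log: upload failed",
    "2007-03-01 17:30:00 access log: upload retried",
    "2007-03-02 23:59:59 NTP: Periodic query of server failed",
    "2007-03-03 00:00:00 Health check failed",
]
```

With these records, a start of "2007-03-01 09:00:00" and an end of "2007-03-02" returns the second through fourth entries, because the end time defaults to 23:59:59 and both boundaries are inclusive.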
