Blue Coat Systems SG Appliance manual: Viewing the Event Log Contents

Models: Blue Coat Systems SG Appliance SGOS Version 5.2.2


Chapter 2: Monitoring the SG Appliance

Syslog notification: disabled

Syslog facility: daemon

Event recipients:

SMTP gateway: mail.heartbeat.bluecoat.com

Viewing the Event Log Contents

Again, you can view the event log contents from the show command or from the event-log configuration mode.

The syntax for viewing the event log contents is:

SGOS# show event-log

-or-

SGOS# (config event-log) view

[start [YYYY-mm-dd] [HH:MM:SS]] [end [YYYY-mm-dd] [HH:MM:SS]] [regex regex | substring string]

Pressing <Enter> shows the entire event log without filters.

The order of the filters is unimportant. If start is omitted, the start of the recorded event log is used. If end is omitted, the end of the recorded event log is used.

If the date is omitted in either start or end, it must be omitted in the other one (that is, if you supply just times, you must supply just times for both start and end, and all times refer to today). The time is interpreted in the current timezone of the appliance.

Understanding the Time Filter

The entire event log can be displayed, or either a starting date/time or ending date/time can be specified. A date/time value is specified using the notation ([YYYY-MM-DD] [HH:MM:SS]). Parts of this string can be omitted as follows:

If the date is omitted, today's date is used.

If the time is omitted for the starting time, it is 00:00:00.

If the time is omitted for the ending time, it is 23:59:59.

At least one of the date or the time must be provided. The date/time range is inclusive of events that occur at the start time as well as events that occur at the end time.

Note: If the notation includes a space, such as between the start date and the start time, the argument in the CLI should be quoted.

Understanding the Regex and Substring Filters

A regular expression can be supplied, and only event log records that match the regular expression are considered for display. The regular expression is applied to the text of the event log record not including the date and time. It is case-sensitive and not anchored.

You should quote the regular expression.

Since regular expressions can be difficult to write properly, you can use a substring filter instead to search the text of the event log record, not including the date and time. The search is case-sensitive.

Regular expressions use the standard regular expression syntax as defined by policy. If both regex and substring are omitted, then all records are assumed to match.
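The filter rules above can be modelled offline to predict which records a given start/end/regex/substring combination will display. The following is an added example, not code from the manual or from SGOS: the function names, the (timestamp, text) record shape and the sample records are assumptions made for illustration, Python's re module stands in for the appliance's regular expression syntax, and timestamps are taken to be in the appliance's current timezone.

```python
import re
from datetime import date, datetime, time

def parse_bound(spec, is_end, today):
    """Resolve a '[YYYY-MM-DD] [HH:MM:SS]' value; returns (datetime, date_was_given)."""
    d = t = None
    for part in spec.split():
        if "-" in part:
            d = datetime.strptime(part, "%Y-%m-%d").date()
        else:
            t = datetime.strptime(part, "%H:%M:%S").time()
    if d is None and t is None:
        raise ValueError("at least one of the date or the time must be provided")
    if t is None:  # omitted time: 00:00:00 for start, 23:59:59 for end
        t = time(23, 59, 59) if is_end else time(0, 0, 0)
    return datetime.combine(d or today, t), d is not None  # omitted date: today

def view(records, start=None, end=None, regex=None, substring=None, today=None):
    """Return the (timestamp, text) records a filter would display."""
    today = today or date.today()
    lo = parse_bound(start, False, today) if start else None
    hi = parse_bound(end, True, today) if end else None
    if lo and hi and lo[1] != hi[1]:
        raise ValueError("supply the date in both start and end, or in neither")
    if regex is not None and substring is not None:
        raise ValueError("regex and substring are alternatives")
    pattern = re.compile(regex) if regex is not None else None
    shown = []
    for ts, text in records:
        if (lo and ts < lo[0]) or (hi and ts > hi[0]):
            continue  # the range is inclusive at both ends
        if pattern and not pattern.search(text):
            continue  # search(): unanchored, case-sensitive, text only
        if substring is not None and substring not in text:
            continue  # case-sensitive substring match on the text only
        shown.append((ts, text))
    return shown

# Constructed sample records (not real appliance output): (timestamp, text)
LOG = [
    (datetime(2007, 5, 1, 23, 59, 59), "Access Log FTP upload failed"),
    (datetime(2007, 5, 2, 0, 0, 0), "Snapshot sysinfo_stats has fetched /sysinfo-stats"),
    (datetime(2007, 5, 2, 9, 15, 0), "Health check failed for dns.example"),
    (datetime(2007, 5, 2, 23, 59, 59), "health check passed"),
    (datetime(2007, 5, 3, 0, 0, 1), "NTP: Periodic query of server failed"),
]

if __name__ == "__main__":
    for ts, text in view(LOG, start="2007-05-02", end="2007-05-02", regex="check"):
        print(ts, text)
```

Because the substring and regex matches are case-sensitive, a search for "health" skips the record that begins with "Health"; when triaging, search for the shortest case-stable fragment of the message.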
