    Troubleshooting NSM Log Collection Issues

    Problem

    You can use the scio logview utility to view the contents of log files before the logs are forwarded to NSM. If you suspect a problem with logging features, you can then compare the device-side logs with the NSM-side logs.

    Solution

    The following example commands show how to navigate to the logs directory, sort by date, and use the scio logview command to display the contents of a recent log.


    [root@defaulthost ~]# cd /var/idp/device/logs/


    [root@defaulthost logs]# ls -lat | less
    drwx------  2 idp idp 69632 Aug  5 11:50 .
    -rw-------  1 idp idp  2788 Aug  5 11:50 1281034151.log
    -rw-------  1 idp idp   212 Aug  5 11:50 1281034242.log
    -rw-------  1 idp idp     0 Aug  5 11:50 1281034242.wait
    -rw-------  1 idp idp   384 Aug  5 11:49 1281034128.log
    -rw-------  1 idp idp  1232 Aug  5 11:48 1281034081.log
    -rw-------  1 idp idp  1680 Aug  5 11:47 1281034035.log
    -rw-------  1 idp idp   744 Aug  5 11:47 1281033989.log
    -rw-------  1 idp idp  1868 Aug  5 11:46 1281033942.log
    -rw-------  1 idp idp   952 Aug  5 11:45 1281033916.log
    -rw-------  1 idp idp   260 Aug  5 11:44 1281033804.log
    -rw-------  1 idp idp   260 Aug  5 11:43 1281033699.log
    -rw-------  1 idp idp   260 Aug  5 11:41 1281033590.log
    -rw-------  1 idp idp   260 Aug  5 11:39 1281033484.log
    -rw-------  1 idp idp   260 Aug  5 11:37 1281033386.log
    -rw-------  1 idp idp   148 Aug  5 11:36 1281033138.log
    

    [root@defaulthost logs]# scio logview 1281034242.log
    Log :Time Generated : Thu Aug  5 11:50:41 2010
     Source IP 0.0.0.0 Source Port :0 -> Destination IP 0.0.0.0 Destination Port :0
    Category Enum : attackid :805306379 Severity Enum :SC_LOG_SEVERITY_INFO
    Protocol Enum :0 Action :SC_LOG_ACTION_NOT_SET
    srcIface :  , Details :  Percentage of Control CPU usage last 5 minutes has restored below threshold and is at 57 [Simulation Mode]
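
To compare device-side records with the NSM side, it helps to flatten the logview output into one line per record. The script below is an added example, not part of the original documentation; the names `logview_to_tsv` and `sample_logview` are hypothetical, and it assumes every record repeats the five-line layout shown above.

```shell
# Added example (not vendor code): flatten `scio logview` text into one
# tab-separated line per record for sorting and diffing against NSM-side data.
# Assumption: every record repeats the five-line layout shown on this page.
logview_to_tsv() {
    awk '
    # Return the first whitespace-delimited token that follows key in line.
    function after(line, key,    s) {
        s = line
        if (!sub(".*" key "[ \t]*", "", s)) return ""
        sub(/[ \t\r].*$/, "", s)
        return s
    }
    # Print the record collected so far (if any) and reset all fields.
    function emit() {
        if (t != "")
            printf "%s\t%s:%s\t%s:%s\t%s\t%s\t%s\t%s\n", t, sip, sport, dip, dport, aid, sev, act, det
        t = sip = sport = dip = dport = aid = sev = act = det = ""
    }
    /^[ \t]*Log :Time Generated/ {
        emit()                                   # previous record is complete
        t = $0; sub(/^.*Time Generated :[ \t]*/, "", t)
        gsub(/[ \t\r]+/, " ", t); sub(/ $/, "", t)
    }
    /^[ \t]*Source IP/ {
        sip = after($0, "Source IP");      sport = after($0, "Source Port :")
        dip = after($0, "Destination IP"); dport = after($0, "Destination Port :")
    }
    /^[ \t]*Category Enum/ { aid = after($0, "attackid :"); sev = after($0, "Severity Enum :") }
    /^[ \t]*Protocol Enum/ { act = after($0, "Action :") }
    /^[ \t]*srcIface/ {
        det = substr($0, index($0, "Details :") + 9)   # free text: keep it whole
        sub(/^[ \t]+/, "", det); sub(/[ \t\r]+$/, "", det)
    }
    END { emit() }
    '
}

# Constructed sample: the record printed on this page.
sample_logview() {
    cat <<'EOF'
Log :Time Generated : Thu Aug  5 11:50:41 2010
 Source IP 0.0.0.0 Source Port :0 -> Destination IP 0.0.0.0 Destination Port :0
Category Enum : attackid :805306379 Severity Enum :SC_LOG_SEVERITY_INFO
Protocol Enum :0 Action :SC_LOG_ACTION_NOT_SET
srcIface :  , Details :  Percentage of Control CPU usage last 5 minutes has restored below threshold and is at 57 [Simulation Mode]
EOF
}
sample_logview | logview_to_tsv   # on the device: scio logview 1281034242.log | logview_to_tsv
```

The output columns are time, source, destination, attack ID, severity, action and details, in that order.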
     


    Published: 2011-02-08