Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Using Event Viewer Options

    This topic contains the following sections:

    Using the Group By Selection Filter

    To filter using the Group by selection:

    1. On the Event Viewer page, select a Group by option. The available options are:
      • None
      • Event Name
      • Source IP
      • Destination IP
      • Service
      • Log Source

      Note: The default option is None. Select None to list all events in the Event Viewer table.

    2. Click Filter.

      Event logs based on the Group by selection are displayed.

      The Event Viewer table header displays the updated time duration for which the data was requested.

    Selecting Event Viewer Table Columns

    To select Event Viewer table columns:

    1. Click a column header.
    2. Select an option. The available options are:
      • Sort Descending—Sorts event logs in the descending order.
      • Columns—Provides a list of columns with check boxes you use to select or deselect options to add or remove columns from the Event Viewer table. Table 1 displays the columns that you can add to the Event Viewer table.

    Table 1: Event Viewer Columns

    Column Name

    Description

    Log ID

    Displays a unique event log ID.

    Time

    Displays the time that the log was received.

    Category

    Displays the category of the log.

    Severity

    Displays the severity of the log.

    Event name

    Displays the event name.

    Source IP

    Displays the source IP address.

    Destination IP

    Displays the destination IP address.

    Destination IPV6

    Displays the destination IPv6 address.

    Source Port

    Displays the source port.

    NAT Source IP

    Displays the NAT source IP address.

    NAT Source Zone

    Displays the NAT source zone.

    NAT Destination IP

    Displays the NAT destination IP address.

    NAT Destination Zone

    Displays the NAT destination zone.

    Source IPV6

    Displays the source IPv6 IP address.

    Destination Port

    Displays the destination port.

    Destination Address

    Displays the destination IP address.

    Destination Zone

    Displays the destination zone.

    Log source

    Displays the IP address of the log source.

    Service

    Displays the service in the log.

    User Name

    Displays the username in the log.

    Attack Name

    Displays the attack name in the log.

    Reason

    Displays the reason for the log generation.

    Application

    Display application in the log.

    Policy Name

    Displays the policy name in the log.

    Nested Application

    Displays the nested application in the log.

    Rule Name

    Displays the rule name in the log.

    To view a list of event logs in the Event Viewer table:

    1. Select a Group by option in the drop-down list and select the time span.

      For example: Select None and the time span as Last 3 Hours.

    2. Click Filter.

      The Event Viewer table displays all logs for the last three hours.

      The Event Viewer table header displays the time duration for which the data was requested.

      The Event Viewer table is empty if no logs match the filter condition. The table footer displays the number of logs that match the filter.

    3. Change the time span and click Filter or press Enter to refresh the Event Viewer table.
    4. Select a log displayed in the Event Viewer table.

      A detailed view of the log is displayed in the detailed log view section at the bottom of the page.

    Using Time Span

    You can use a list of predefined time periods.

    To use time span:

    1. Select a time span option. The available options are:
      • Last 15 Minutes
      • Last 30 Minutes
      • Last Hour
      • Last 3 Hours
      • Last 12 Hours
      • Last Day
      • Last Week
      • Custom

      Note: The default value is Last 5 minutes.

      Logs for the selected time span are displayed in the Event Viewer table.

    2. Click Filter.

      All logs are displayed.

      A detailed view of the log is displayed in the detailed log view section at the bottom of the Event Viewer page.

    You can customize the time span to meet your requirements.

    To customize the time span:

    1. Select Time Span>Custom.
    2. Select the following in the From time and To time options:
      • Date from the calendar.

        You can either click on the icon after the date or click the text field.

      • Hour 0-12 from the hour drop-down, or type in the hour.
      • Minutes from the minutes drop-down, or type in the minutes.
      • AM or PM from the hours drop-down .
    3. Click Filter.

    Using the Event Viewer Settings

    You can choose log display time and Security Director object settings that meet your requirements.

    To use the Event Viewer settings:

    1. Select:

      Log display time:

      • Local time zone—Displays logs in the local time zone.
      • UTC time zone—Displays logs in the UTC time zone.
    2. Show SD Object—Select to display Security Director address objects.

      Note: If there is no corresponding Security Director address for a specific IP address, only the IP address is displayed.

    3. Security Events Only—Select to display Security events.
    4. Page size—Key in the number of events that you want to display. The range is 200 to 1000 events.
    5. Click Save to save the changes.

    Note: By default, the options Local time zone and Show SD address objects are enabled.

    Using Log View Options

    The icons on the top right side of the Event Viewer table enable you to switch between the split view or grid view.

    1. Select an icon:
      • Split view—Displays logs as graphs and tables when logs are grouped by log field. When the logs are not grouped, the Event Viewer table and the details window are displayed.
      • Grid view—Displays logs in a table when event logs are not grouped.

    Note: By default, the grid view mode is enabled.

    Clearing Filter Settings

    To clear filter settings:

    1. Click Clear Filter Settings.

    Moving Back to the Previous Page

    To move back to the previous page:

    1. Click Back.

    Published: 2014-04-30