Cisco Cisco FirePOWER Appliance 7030
56-10
FireSIGHT System User Guide
Chapter 56 Auditing the System
Viewing the System Log
•
Click
Save
if you are modifying an existing search and want to save your changes.
•
Click
Save as New Search
to save the search criteria. The search is saved (and associated with your
user account if you selected
Save As Private
) so that you can run it at a later time.
Viewing the System Log
License:
Any
The System Log (syslog) page provides you with system log information for the appliance. The system
log displays each message generated by the system. The following items are listed in order:
log displays each message generated by the system. The following items are listed in order:
•
the date that the message was generated
•
the time that the message was generated
•
the host that generated the message
•
the message itself
Note
System log information is local. For example, you cannot use the Defense Center to view system status
messages in the system logs on your managed devices.
messages in the system logs on your managed devices.
You can view system log messages for specific components by using the filter feature. For more
information, see
information, see
.
To view the syslog:
Access:
Admin/Maint
Step 1
Select
System > Monitoring > Syslog
.
The System Log page appears. The Defense Center version of the page is shown below.
Tip
On the 3D9900, the Load Balancing Interface Module (LBIM) forwards messages to the device's syslog.
You can find these messages by filtering on
You can find these messages by filtering on
lbim
.
Filtering System Log Messages
License:
Any
You can view system log messages for specific components by using the filter feature. Filtering allows
you to search for specific messages based on content.
you to search for specific messages based on content.
The filter functionality uses the UNIX file search utility Grep, and as such, you can use most syntax
accepted by Grep. This includes using Grep-compatible regular expressions for pattern matching. You
can use a single word as a filter, or you can use Grep-supported regular expressions to search for content.
accepted by Grep. This includes using Grep-compatible regular expressions for pattern matching. You
can use a single word as a filter, or you can use Grep-supported regular expressions to search for content.