Blue Coat Systems Appliance Trim Kit Blue Coat Systems SG Appliance Manual De Usuario
Chapter 2: Monitoring the SG Appliance
19
Syslog notification: disabled
Syslog facility: daemon
Event recipients:
SMTP gateway:
mail.heartbeat.bluecoat.com
Viewing the Event Log Contents
Again, you can view the event log contents from the
show
command or from the event-log
configuration mode.
The syntax for viewing the event log contents is
SGOS# show event-log
-or-
SGOS# (config event-log) view
[start [YYYY-mm-dd] [HH:MM:SS]] [end [YYYY-mm-dd] [HH:MM:SS]] [regex
regex | substring string]
Pressing
<Enter>
shows the entire event log without filters.
The order of the filters is unimportant. If
start
is omitted, the start of the recorded event
log is used. If
end
is omitted, the end of the recorded event log is used.
If the date is omitted in either
start
or
end
, it must be omitted in the other one (that is, if
you supply just times, you must supply just times for both
start
and
end
, and all times
refer to today). The time is interpreted in the current timezone of the appliance.
Understanding the Time Filter
The entire event log can be displayed, or either a starting date/time or ending date/time
can be specified. A date/time value is specified using the notation ([YYYY-MM-DD]
[HH:MM:SS]). Parts of this string can be omitted as follows:
can be specified. A date/time value is specified using the notation ([YYYY-MM-DD]
[HH:MM:SS]). Parts of this string can be omitted as follows:
❐
If the date is omitted, today's date is used.
❐
If the time is omitted for the starting time, it is 00:00:00
❐
If the time is omitted for the ending time, it is 23:59:59
At least one of the date or the time must be provided. The date/time range is inclusive of
events that occur at the start time as well as dates that occur at the end time.
events that occur at the start time as well as dates that occur at the end time.
Understanding the Regex and Substring Filters
A regular expression can be supplied, and only event log records that match the regular
expression are considered for display. The regular expression is applied to the text of the
event log record not including the date and time. It is case-sensitive and not anchored.
You should quote the regular expression.
expression are considered for display. The regular expression is applied to the text of the
event log record not including the date and time. It is case-sensitive and not anchored.
You should quote the regular expression.
Since regular expressions can be difficult to write properly, you can use a substring filter
instead to search the text of the event log record, not including the date and time. The
search is case sensitive.
instead to search the text of the event log record, not including the date and time. The
search is case sensitive.
Regular expressions use the standard regular expression syntax as defined by policy. If
both regex and substring are omitted, then all records are assumed to match.
both regex and substring are omitted, then all records are assumed to match.
Note:
If the notation includes a space, such as between the start date and the start time,
the argument in the CLI should be quoted.