Fortinet 3.0 MR7 Network Card User Manual


 
FortiAnalyzer Version 3.0 MR7 Administration Guide
102 05-30007-0082-20080908
Log: Searching the logs
Device/Group: Select to search logs from the FortiAnalyzer unit (LocalLogs), a device, or a device group.

Date: Select to search logs from a time frame, or select Specify and define a custom time frame by selecting the From and To date and times.
  From: Enter the date and select the time of the beginning of the custom time range. This option appears only when Date is Specify.
  To: Enter the date and select the time of the end of the custom time range. This option appears only when Date is Specify.

Keyword(s): Enter the search terms to match against log messages. To specify that results must include all, any, or none of the keywords, select these options in Match.

Quick Search: Select to perform a Quick Search. Keywords for a Quick Search cannot contain special characters. Quick Search examines only indexed fields.

Full Search: Select to perform a Full Search. Keywords for a Full Search may contain special characters. Full Search examines all log message fields.

More Options: Select the blue arrow to hide or expand additional search options.
  Match: Select how keywords are used to match the log messages that make up the search results.
    • All Words: Select to require that matching log messages must contain all search keywords. If a log message does not contain one or more keywords, it will not be included in the search results.
    • Any Words: Select to require that matching log messages must contain at least one of the search keywords. Any log message containing one or more keyword matches will be included in the search results.
    • Does Not Contain the Words: Select to require that matching log messages must not contain the search keywords. If a log message contains any of the search keywords, it will be excluded from the search results.
  Other Filters: Specify additional criteria, if any, to further restrict the search.
    • Log Type: Select to include only log messages of the specified type. For example, selecting Traffic would cause search results to include only log messages containing type=traffic.
    • Log Severity: Select to include only log messages of the specified severity. For example, selecting Notice would cause search results to include only log messages containing pri=notice.
    • Source IP: Enter an IP address to include only log messages containing a matching source IP address. For example, entering 192.168.2.1 would cause search results to include only log messages containing src=192.168.2.1 and/or content log messages containing a client IP address of 192.168.2.1.