Browse log and alert entries on the command line of Security Engines
If you have saved copies of the most recent log and alert entries locally on the Security Engine, you can browse the log and alert entries on the command line of the Security Engine.
Before you begin
Browsing log and alert entries locally on the Security Engine allows you to quickly troubleshoot problems that are specific to the location where the Security Engine is installed. You can browse log and alert entries even if the log and alert entries have already been sent to the Log Server, or if the connection to the SMC is not available.
The log and alert files are stored in the /spool/log/archive directory on the Security Engine.
You can use the following filtering when you browse log and alert entries on the command line of the Security Engine:
- Time range
- Facility
- IP address
- User name
Browsing log and alert entries on the command line of Security Engines has the following limitations:
- A limited number of log and alert entries are stored on the Security Engine for a limited time.
- In an environment with Master Engines and Virtual Engines, you can only browse log and alert entries, including log and alert entries for Virtual Engines, locally on the command line of Master Security Engines. You cannot browse log and alert entries locally on the command line of individual Virtual Security Engines.