Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Paul_Hagyard
Advisor

Logging filter issues?

The logging filters seem broken.

  • If I right click on interface eth1 (say) and select "add to filter" it adds "eth1" when it needs to add "interface:eth1".
  • If I right click on the rule column (e.g. 48) of a (recent) log entry and select "add to filter" it adds "rule:48" and finds no results. It appears to be incorrectly looking for the rule UUID, as using rule:UUID_number works. However, "rule" should use the number, and "rule_uid" should use the UUID_number...
  • It would be nice (it's not in the old SmartLog GUI either) if adding src/dst and typing would search for the text anywhere in the defined objects, not just from the start. eg: typing src:web001 should be able to find the object "y-s-web001"
2 Replies
Shahaf_Alfasi
Employee Alumnus
Employee Alumnus

Hi Paul,

1. Not all fields are indexed therefore if field is indexed the search will be on the field (<field name>:<field value>) if not search will be free text search.

2. Are you using R80 GA? the rule_id issue is known and should be fixed in GA

3. I'll forward your request and we'll consider it as RFE for next versions

0 Kudos
Tal_Paz-Fridman
Employee
Employee

Hi Paul,

1| Regarding the Interface filter - I also ran into this issue. I have documented this issue so that it will be fixed by R&D.

2| Regarding the Rule number filter - I have tested this on several environments and it works properly for me.

Thanks for the inputs

Tal

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events