You can use Firebox System Manager (FSM) to see log messages from your Firebox as they occur.
Things to know about FSM:
- FSM receives new log messages if currently connected to a Firebox.
- FSM stores the log messages in a buffer, for as long as FSM remains open.
- FSM stores up to 25 thousand log messages, an amount that you can configure.
On some networks, there can be a short delay as log messages are sent.
- Start Firebox System Manager.
- Select the Traffic Monitor tab.
Traffic Monitor can help you troubleshoot network performance. For example, you can see which policies are used most or whether external interfaces are constantly used to their maximum capacity.
You can customize Traffic Monitor to:
- Change Traffic Monitor Settings in Firebox System Manager
- Copy Messages to Another Application
- Enable Notification for Specific Messages
- Use the Traffic Monitor icons to show specific Types of Log Messages
- Run Diagnostic Tasks to Learn More About Log Messages (to help diagnose a problem)
For more information, go to Set the Diagnostic Log Level.
Filter Traffic Monitor Log Messages
You can use the FSM Traffic Monitor buttons to filter the information that you see in the Traffic Monitor. When you select a button, Traffic Monitor shows only log messages of the type you selected. You can also use the filter text box to search the log messages and refine the data you see in Traffic Monitor.
To filter by message type:
- Select the Traffic Monitor tab.
- To select the type of log message you want to see in Traffic Monitor, click a button:
— All Logs
— Traffic Logs
— Alarm Logs
— Event Logs
— Debug Logs
— Performance Statistics Logs
FSM shows only the log messages of the type you selected.
To filter log messages by specified details:
- Select the Traffic Monitor tab.
- In the filter text box, type or select the information on which you want to search.
You can type any value in the filter text box, or select a previously specified value from the drop-down list. The filter history stores up to 30 previous searches. You can also use regular expressions in your search values.
For more information about how to use regular expressions in Traffic Monitor, go to Change Traffic Monitor Settings in Firebox System Manager.
- From the
drop-down list, select Highlight Search Results or Filter Search Results.
The log messages that match the filter search you selected appear in the Traffic Monitor window. - To remove the filter, click
.
Example Searches
To filter log messages by specified details, type a value. By default the search filter uses a pattern match search.
To find all log messages for all IP addresses that begin with 192.0.2.3, type:
192.0.2.3
To find all log messages only for the IP address 192.0.2.3, include a space after the number:
192.0.2.3 .
To find log messages that contain the text unhandled, include a space after the text:
unhandled .
To find log messages that contain the phrase User not authenticated, type:
user not authenticated
For more information on regular expressions, go to About Regular Expressions.