bec3
Level 9

Live Logs

How can we see live logs for firewall for example?

0 Kudos
7 Replies
abanaru
Level 11

Re: Live Logs

0 Kudos
bec3
Level 9

Re: Live Logs

This will show me a stream of the event, not the actual event itself. I want to see fields like source/destination ports, for firewall troubleshooting in real time.

0 Kudos
abanaru
Level 11

Re: Live Logs

That's not possible. The ESM takes the events out of the ERC at recurrent intervals or on demand. But not real-time.

0 Kudos
kmc
Level 12

Re: Live Logs

I hope you can see real time logs from the FW itself only.

0 Kudos
bec3
Level 9

Re: Live Logs

KMC, another vendor has this feature, that's why I was asking for it.

0 Kudos
yd9038
Level 9

Re: Live Logs

I believe you can do that with Streaming Viewer if you don't want to do a tcpdump in a terminal window.

Streaming Viewer lets you add filters and columns, and view the packet data.

0 Kudos
acommons
Level 10

Re: Live Logs

The streaming events are real time for syslog I believe. If you scroll to the right in the display you will see the raw packet data. This is not obvious but the display expands as you scroll.

The fully parsed message is not displayed but if it is parsed then the rule it matches will be shown. Source and destination also look correct.

0 Kudos