Host GS: Historical Tab

Document created by RSA Information Design and Development on Jul 21, 2016
Version 1Show Document
  • View in full screen mode
 

This topic describes the features of the System Service Logging > Historical tab and the Services Logs view > Historical tab.

The Historical tab provides a searchable view of the Security Analytics log or the service log in a paged format. When initially loaded, the grid shows the last page of the log entries for the system or the system.

To access the Historical tab:

  1. In the Security Analytics menu, select Administration > System.
  2. In the options panel, select System Logging.

    The System Logging panel opens to the Realtime tab by default.

  3. Click the Historical tab.

For information about accessing service logs, see Services Logs View.

The following is an example of the Historical tab in the System Logging panel. It shows the Security Analytics logs.

SysLogHis.png

The following is an example of the Historical tab in the Services Logs view. It shows the services logs.

AdmSvrcsHst.png

Features

The Historical tab has a toolbar with input fields to allow filtering of the entries, a grid containing the log entries, and paging tools.

                                 
FeatureDescription
Start Date and End DateThe Start Date and End Date range search options limit the log entries to a point in time. When used, you must provide both a start and end date. The times are optional. The date range is validated to assure that the end date is not before the start date.
Log Level drop-down
SystemLoggingTypeFilter.png
Selects the log level for entries to display in the grid. The Log Level drop-down shows the available log levels for the system or the service. 
  • System logs have seven log levels.
  • Service logs have only six log levels because they do not include the TRACE level.
  • The default is ALL log entries.
Keyword field Specifies a keyword to use when filtering entries. This field is the same for system and service log filtering.
Service field (Service Logs only) Specifies the service type to use when filtering service log entries. Possible values are the host or the service.
Search button Click to activate a search based on the start and end date, log level, keyword, and service selections.
Export Click to export the currently viewed grid entries to a text file. You can select either comma-separated or tab-separated format for the entries in the file.

 

                     
ColumnDescription
Timestamp This is the timestamp for the entry.
Level This is the log level for the message.
Message This is the text of the log entry.

The paging tools below the grid provide a way to navigate through the pages of log entries.

104SvsLogPageTB.png

                                 
ToolDescription
ChartStatsFirstPage.png First page
ChartStatsPrevpage.png Previous page
ChartStatspageNum.png Page number
ChartStatsNextPage.png Next page
ChartStatsLastPage.png Last page
ChartStatsRefresh.png Refresh

Search Log Entries

To search the results shown in the Historical tab:

  1. (Optional) Select a Start Date and End Date. Optionally, select a Start Time and End Time.
  2. (Optional) For system and service logs, select a Log Level and a Keyword, or both.
  3. (Optional) For service logs, select the Service: host or service.
  4. Click Search.  
    The view is refreshed with the most recent 10 entries matching your filter.  As new matching log entries become available, the view is updated to show those entries.

Show Details of a Log Entry

Each row of the Historical tab Log grid provides the summary information of a log entry. To view complete details:

  1. Double-click a log entry. 
    The Log Message dialog, which contains the Timestamp, Logger Name, Thread, Level and Message, is displayed.
    SystemLogMessageDialog.png
  2. When finished viewing, click Close.

Page Through the Entries

To view the different pages of the grid, use the paging controls on the bottom of the grid as follows:

  • Use the navigation buttons
  • Manually enter the page you want to view, and press ENTER.

Export

To export the logs in the current view:

Click Export, and select one of the drop-down options, CSV Format or Tab Delimited.
The file is downloaded with a filename that identifies the log type and the field delimiter. For example, a Security Analytics system log exported with comma-separated values is named UAP_log_export_CSV.txt, and an appliance log exported with tab-separated values is named APPLIANCE_log_export_TAB.txt.

You are here: References > Administration System View > System Logging Panel > Historical Tab

Attachments

    Outcomes