RSA Security Analytics provides views into system logs and service logs. The views and procedures are similar; the only difference is that when viewing service logs, you can also select messages for the service or host.
View System Logs
- In the Security Analytics menu, select Administration > System.
- In the options panel, select System Logging.
Display Service Logs
To display Security Analytics service logs:
- In the Security Analytics menu, select Administration > Services.
- In the Services grid, select a service.
- In the Actions column, select View > Logs.
Filter Log Entries
To filter the results shown in the Realtime tab:
- (Optional) For system and service logs, select a Log Level and a Keyword, or both. System logs have seven log levels. Service logs have only six log levels because they do not include the TRACE level. The default is ALL log entries.
- (Optional) For service logs, select the Service: host or service.
- Click Filter.
The view is refreshed with the most recent 10 entries matching your filter. As new matching log entries become available, the view is updated to show those entries.
Show Details of a Log Entry
Each row of the Realtime tab Log grid provides the summary information of a log entry. To view complete details: