FortiAnalyzer Version 3.0 MR3 Administration Guide
84 05-30003-0082-20060925
Filtering logs
When viewing log files, both real-time and historical, you can filter the contents to
find specific content. Log filters appear when you are viewing real-time and
historical data in the Log Viewer or when browsing log files on the FortiAnalyzer
hard disk.
Figure 28: Filter icons for logs
Each column of data includes a gray filter icon. Select the icon to filter the
contents of the column.
When applying a column filter, the filter icon appears green.
To turn off the filter, select the filter icon for the column, and select Reset Filter.
Filtering tip
When filtering by source or destination IP, you can use the following in the filtering
criteria:
• a single address (2.2.2.2)
• an address range using a wild card (1.2.2.*)
• an address range (1.2.2.1-1.2.2.100)
You can also use the boolean operator "or" to indicate multiple choices:
• 1.1.1.1 or 2.2.2.2
• 1.1.1.1 or 2.2.2.*
• 1.1.1.1 or 2.2.2.1-2.2.2.10
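The same address criteria can be applied to exported log rows outside the Log Viewer. The following Python is an added example, not FortiAnalyzer code: it parses a single address, a wild card, an address range and "or" alternatives into ranges and matches addresses against them. The function names, the src column name and the sample rows are assumptions constructed for illustration, as is the restriction of wild cards to whole trailing octets.

```python
import ipaddress
import re

def _to_int(addr):
    # AddressValueError (a ValueError) is raised for malformed addresses
    return int(ipaddress.IPv4Address(addr.strip()))

def parse_term(term):
    """Turn one criterion into an inclusive (low, high) integer range."""
    term = term.strip()
    if "-" in term:                                   # 1.2.2.1-1.2.2.100
        low, high = (_to_int(p) for p in term.split("-", 1))
        if low > high:
            raise ValueError(f"range start above range end: {term}")
        return low, high
    if "*" in term:                                   # 1.2.2.*
        octets = term.split(".")
        # Assumption: a wild card replaces whole trailing octets only
        if len(octets) != 4 or "*" not in octets:
            raise ValueError(f"unsupported wild card: {term}")
        if any(o != "*" for o in octets[octets.index("*"):]):
            raise ValueError(f"unsupported wild card: {term}")
        low = _to_int(".".join("0" if o == "*" else o for o in octets))
        high = _to_int(".".join("255" if o == "*" else o for o in octets))
        return low, high
    value = _to_int(term)                             # 2.2.2.2
    return value, value

def parse_filter(expr):
    """Split on the "or" operator and parse each alternative."""
    return [parse_term(t) for t in re.split(r"\s+or\s+", expr.strip())]

def matches(expr, addr):
    value = _to_int(addr)
    return any(low <= value <= high for low, high in parse_filter(expr))

def filter_rows(expr, rows, column="src"):
    """Keep the rows whose address column satisfies the filter."""
    ranges = parse_filter(expr)
    return [r for r in rows
            if any(lo <= _to_int(r[column]) <= hi for lo, hi in ranges)]

# Constructed sample rows (not real log data)
SAMPLE_ROWS = [
    {"src": "1.1.1.1", "dst": "10.0.0.5"},
    {"src": "2.2.2.7", "dst": "10.0.0.5"},
    {"src": "2.2.2.11", "dst": "10.0.0.9"},
    {"src": "1.2.2.200", "dst": "10.0.0.9"},
]
```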
Search the logs
The FortiAnalyzer unit provides search capabilities for locating specific information
within the stored log files. The FortiAnalyzer unit provides two log searches:
• Basic search
• Advanced search
Note: You must be viewing the log contents in the formatted view to use the filters.
Note: When viewing real-time logs, you cannot filter the time column because the time will
always be the current time.