How to search system logs through CLI - specific case WF-500
Objective
As per design, WF-500 is lacking of the Web GUI interface which might be quite handy, since no matter how hardcore CLI admin you were (or if you still are), after some time you get used to Web GUI of any equipment. Sometimes you prefer working via CLI and sometimes (like when using WF-500) you do not have other options.
This article shows how to do a quick/handy search for the specific pattern in the system logs, although it is not limited only to this log.
Environment
- WF-500
Procedure
This article shows how to do a quick/handy search for the specific pattern in the system logs, although it is not limited only to this log.
Example 1 - (case sensitive)
In the first example, we are searching for the pattern "Installed" in the backward direction which is optional, but be aware that the pattern itself is case sensitive. In the second we are searching for the pattern "installed" small letter "i". The outcome is different.
admin@WF-80-156> show log system direction equal backward query equal "(description contains Installed)" Time Severity Subtype Object EventID ID Description =============================================================================== 2020/06/01 17:19:04 info general general 0 Installed wf software version 9.0.7 2020/05/30 02:06:50 info general general 0 Installed wfm package: panup-all-wfmeta-1496-1697.tgz 2019/11/29 10:58:16 info general general 0 Installed wfm package: panup-all-wfmeta-1343-1544.tgz 2019/11/22 13:06:36 info general general 0 Installed wf software version 8.1.10 2019/10/30 17:18:27 info general general 0 Installed wfm package: panup-all-wfmeta-1343-1544.tgz 2019/10/30 15:24:10 info general general 0 Installed wf software version 8.1.0 2019/06/24 15:49:42 info general general 0 Installed wfm package: panup-all-wfmeta-1250-1451.tgz 2019/04/09 15:49:56 info general general 0 Installed wfm package: panup-all-wfmeta-1196-1397.tgz 2019/04/05 17:00:58 info general general 0 Installed wfm package: panup-all-wfmeta-1194-1395
admin@WF-80-156> show log system direction equal backward query equal "(description contains installed)" Time Severity Subtype Object EventID ID Description =============================================================================== 2019/10/30 17:18:40 info general general 0 WildFire metadata version 1343-1544 installed by admin 2019/05/14 13:32:22 info general general 0 GP MDM license is installed. 2019/05/14 13:31:09 info general general 0 GP MDM license is installed. 2019/04/05 17:01:13 info general general 0 WildFire metadata version 1194-1395 installed by admin admin@WF-80-156>
Example 2 - logical operation
It is possible to combine the search contains field with the logical operators. Below examples are showing the output when using logical operator "AND" and logical operator "OR".
admin@WF-80-156> show log system direction equal backward query equal "(description contains Installed) and (description contains 9.0.7)" Time Severity Subtype Object EventID ID Description =============================================================================== 2020/06/01 17:19:04 info general general 0 Installed wf software version 9.0.7
admin@WF-80-156> show log system direction equal backward query equal "(description contains Installed) or (description contains configuration)" Time Severity Subtype Object EventID ID Description =============================================================================== 2020/06/01 17:26:49 info cluster cluster 0 Cluster daemon configuration load phase-2 succeeded. 2020/06/01 17:26:49 info cluster cluster 0 Cluster engine will be started for: configuration change. 2020/06/01 17:26:49 info cluster cluster 0 Cluster daemon configuration load phase-1 succeeded. 2020/06/01 17:19:04 info general general 0 Installed wf software version 9.0.7 2020/05/30 02:06:50 info general general 0 Installed wfm package: panup-all-wfmeta-1496-1697.tgz 2020/05/07 19:54:56 info cluster cluster 0 Cluster daemon configuration load phase-2 succeeded. ...........for the brevity.... admin@WF-80-156>