How to Search For a Specific Pattern in dp/mp Process Logs
36363
Created On 04/20/19 04:32 AM - Last Modified 04/24/19 16:00 PM
Objective
How do I search for a specific pattern in dataplane or management plane process logs.
Procedure
This is the command format:
admin@PA-VM> grep pattern <value> <mp-log/cp-log/dp0-log/dp1-log/dp2-log> <Log Type>
Examples:
1) To Search for pattern "error" in mp-log>php.debug.log:
admin@PA> grep pattern error mp-log php.debug.log Response took 0.001s <response status="error" code="17"><msg></msg></response> <opaque>Failed to check WildFire content upgrade info due to generic communication error</opaque> Response took 0.016s <response status="error"><msg><line>No such query job</line></msg></response>
2) To search for pattern "skipped - remote malware" in mp-log>varrcvr.log:
admin@PA> grep pattern "skipped - remote malware" mp-log wildfire-upload.log 2019-04-16 17:11:43 +0800: invoice.docx ms-office skipped - remote malware dup PUB 1 1 4163 0x101c allow 2019-04-16 17:14:03 +0800: 65d5.doc ms-office skipped - remote malware dup PUB 55 5 4163 0x101c allow
3) To search for pattern "response status" in any mp-log, this is useful when you want to search for a specific pattern but do not know which log to check.
admin@PA> grep pattern "response status" mp-log * /var/log/pan/php.debug.log:Response took 0.040s <response status="success"><result><config-locks></config-locks></result></response> /var/log/pan/php.debug.log:Response took 0.035s <response status="success" code="19"><completions>
NOTE: All the outputs are longer. Only a couple of lines are presented for demonstration purpose.
Additional Information
Larger Platforms like 7K have more logging options. Please use "?" to see the options (syntax is the same):
admin@fw-atnt-3mz-a095> grep pattern <value> ?