grep "Mar 31.*email@domain

bsrinu001 · ‎02-28-2017

Hi Team,

Please let us know how to check, Email log for a specific date/time/ for a user/ for a domain. In detail ( apart from grep and find event commands )

Libin Varghese · ‎02-28-2017

Hi,

grep is the only major tool available on the ESA in order to parse through mail_logs for specific date/time, domain, etc.

If you require additional options to parse the log file then you can opt to push the logs to a different server and use third-party tools or scripts for the same. However, such tools are not supported by Cisco.

Thank You!

Libin Varghese

bsrinu001 · ‎02-28-2017

could you please let us know commands on how to check logs for the particular day and time ?

Libin Varghese · ‎02-28-2017

Sure.

You could use the below command for example

grep "Feb 28 09:20" mail_logs

- Displays all mail_logs for search term Feb 28 09:20

grep "Feb 28 09.*domain.com" mail_logs

- Displays all search results for domain.com at the specified time. Do note the date and domain should find a match in a single line of the mail_logs

- Libin V

bsrinu001 · ‎03-31-2017

Please suggest on how to grep the mail logs for an address for a specific date .

Libin Varghese · ‎03-31-2017

grep "Mar 31.*email@domain.com" mail_logs - for email address

grep "Mar 31.*domain.com" mail_logs - for domain or hostname

grep "Mar 31.*192.168.1.1" mail_logs - for IP address

You can separate multiple terms using ".*" as long as they are in a single line it should return a result.

- Libin V

How to check Log thought CLI of ESA for specific event.