cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to Cisco Firewalls Community


402
Views
5
Helpful
4
Replies
Beginner

Looking for a CLI command to see last 20 logging events in a FPR-2110

Looking for a CLI command to see last 20 logging events in a FPR-2110.

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Master

Re: Looking for a CLI command to see last 20 logging events in a FPR-2110

The "pigtail" utility may help. Switch to expert mode from the cli and sudo su to run it.

 

pigtail v1.03 (05/13/2015)
--------------------------------------------------------------------------------------------------------------
NAME
    pigtail -- continuously display FireSIGHT management console (and device) logs as the files are written

SYNOPSIS
    pigtail [-d] [-o] [-h] [-raw] [-n number] [-outfile file] [-history start time end time] [-break regex] [-trigger regex command] [filetype ...]

DESCRIPTION

       .-~~~~-. |\\_     pigtail parses, reformats, and displays the contents of several log files
    @_/        /  oo\_   to the screen, updating the display whenever additional lines are added to any of 
      |    \   \   _(")  the log files.  pigtail also colorizes the output so it is easier to discern between 
       \   /-| ||'--'    lines from different log files.  By default it normalizes timestamps, removes some 
        \_\  \_\\        extraneous information, and reformats certain lines to improve readability.
    
    These are the keywords and associated log files that pigtail supports:
            ACTQ  /var/log/action_queue.log
            CPAC  /var/log/idhttpsd/access_log
            CPER  /var/log/idhttpsd/error_log
            CPLG  /var/log/captive_portal.log
            DCSM  /var/log/mojo.log
            DEPL  /var/log/sf/policy_deployment.log
            HTTP  /var/log/httpd/httpsd_error_log
            MOJO  /var/log/mojo/mojo.log
            MSGS  /var/log/messages
            NGFW  /var/log/ngfwManager.log
            NGUI  /var/log/cisco/ngfw-onbox.log
            SERR  /var/log/process_stderr.log
            SOUT  /var/log/process_stdout.log
            SSEC  /var/log/connector/connector.log
            SYDB  /opt/CSCOpx/MDC/log/operation/sydb.out
            TAPP  /var/log/SSE/sse_telemetry.log
            TCAT  /opt/CSCOpx/MDC/tomcat/logs/stdout.logs
            TCLG  /opt/CSCOpx/MDC/log/operation/sftunnel-javaclient.log
            USMS  /opt/CSCOpx/MDC/log/operation/usmsharedsvcs.log
            VMSB  /opt/CSCOpx/MDC/log/operation/vmsbesvcs.log
            VMSS  /opt/CSCOpx/MDC/log/operation/vmssharedsvcs.log
4 REPLIES 4
Frequent Contributor

Re: Looking for a CLI command to see last 20 logging events in a FPR-2110

I had no chance working with FTD; can you employ show log | tail -20 maybe? or tail /log_path?

NX-OS on DataCenter SWs has tail function after pipe, it's addictive!
Beginner

Re: Looking for a CLI command to see last 20 logging events in a FPR-2110

Thanks, i tried the tail command the other day no luck, i think i found out what's  going on with my logging, looks like some kind of debugging left on.....now trying to figure which logging it is.

 

Thanks.

Frequent Contributor

Re: Looking for a CLI command to see last 20 logging events in a FPR-2110

Can you share logging config that you use now?
Hall of Fame Master

Re: Looking for a CLI command to see last 20 logging events in a FPR-2110

The "pigtail" utility may help. Switch to expert mode from the cli and sudo su to run it.

 

pigtail v1.03 (05/13/2015)
--------------------------------------------------------------------------------------------------------------
NAME
    pigtail -- continuously display FireSIGHT management console (and device) logs as the files are written

SYNOPSIS
    pigtail [-d] [-o] [-h] [-raw] [-n number] [-outfile file] [-history start time end time] [-break regex] [-trigger regex command] [filetype ...]

DESCRIPTION

       .-~~~~-. |\\_     pigtail parses, reformats, and displays the contents of several log files
    @_/        /  oo\_   to the screen, updating the display whenever additional lines are added to any of 
      |    \   \   _(")  the log files.  pigtail also colorizes the output so it is easier to discern between 
       \   /-| ||'--'    lines from different log files.  By default it normalizes timestamps, removes some 
        \_\  \_\\        extraneous information, and reformats certain lines to improve readability.
    
    These are the keywords and associated log files that pigtail supports:
            ACTQ  /var/log/action_queue.log
            CPAC  /var/log/idhttpsd/access_log
            CPER  /var/log/idhttpsd/error_log
            CPLG  /var/log/captive_portal.log
            DCSM  /var/log/mojo.log
            DEPL  /var/log/sf/policy_deployment.log
            HTTP  /var/log/httpd/httpsd_error_log
            MOJO  /var/log/mojo/mojo.log
            MSGS  /var/log/messages
            NGFW  /var/log/ngfwManager.log
            NGUI  /var/log/cisco/ngfw-onbox.log
            SERR  /var/log/process_stderr.log
            SOUT  /var/log/process_stdout.log
            SSEC  /var/log/connector/connector.log
            SYDB  /opt/CSCOpx/MDC/log/operation/sydb.out
            TAPP  /var/log/SSE/sse_telemetry.log
            TCAT  /opt/CSCOpx/MDC/tomcat/logs/stdout.logs
            TCLG  /opt/CSCOpx/MDC/log/operation/sftunnel-javaclient.log
            USMS  /opt/CSCOpx/MDC/log/operation/usmsharedsvcs.log
            VMSB  /opt/CSCOpx/MDC/log/operation/vmsbesvcs.log
            VMSS  /opt/CSCOpx/MDC/log/operation/vmssharedsvcs.log