03-25-2009 05:00 AM - edited 03-11-2019 08:09 AM
Hi,
I am facing an issue with accessing firewall syslog files. The size is around 2GB. It says I need to open it with another editor rather than Notepad. I tried with WordPad but it hung up.
Any suggestions on this? Also, I have heard that the logs are stored by date (a day each) in separate log files. How do I enable that?
Thanks in advance!
03-25-2009 05:20 AM
The best syslog would be syslog-ng, which will give the ability to rotate the log file at a certain size, date, etc. If you have multiple firewalls, syslog-ng can store logs in separate files.
syslog-ng comes free with most Linux distributions.
03-25-2009 06:02 AM
Any application will have trouble opening a 2GB log file. Try using a syslog server like RSyslog (http://www.rsyslog.com/); it also has a web front-end so you can view a log and filter the results. If you want to have each device as a separate log file, you will need to configure it in your conf file on your server.
Hope that helps.
03-25-2009 06:49 AM
OK, not each device as a separate log file; the same device, but it would give separate log files for each day. Is there a way to do this?
Thanks!
03-25-2009 06:53 AM
Sure, again it would be configured in the syslog conf file.
03-25-2009 07:11 AM
This is why "splunk" was developed.
03-25-2009 01:25 PM
For viewing large syslog files, or any large text file for that matter, I like UltraEdit. UltraEdit can handle and edit files in excess of 4 gigabytes.
It's fairly inexpensive and has tons of great attributes that make it worth every penny!!!
03-25-2009 01:31 PM
UltraEdit is the best text editor out there; however, even it has problems with a 2GB file (probably more the PC than the app). I also use GSplit to take the file and break it up. Excel and its Auto Filter option are very useful as well.
03-25-2009 05:06 PM
Why anyone would want to view a >2GB file is beyond me. Perl, MySQL, awk and grep were developed for extracting from large files like this.
03-26-2009 07:39 PM
Thanks for the inputs. Another query:
How do you stop the logs from the device being continually generated/updated to the particular text file inside the system logs?
I am trying to delete the log file, but it says something else is using this; probably the firewall is generating logs into this.
Any ideas on this? How do we stop this for some time? Do I need to configure anything on the firewall for this?
Thanks!!
03-29-2009 06:23 AM
Any ideas on stopping the above?
Thanks!!
03-30-2009 06:19 AM
You either have to stop syslog from the firewall, stop it on the server or copy the log file and read the copied file.
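The replies above suggest breaking the file up and reading a copy instead of the live file. As an added example (not part of the original thread), this Python script streams a copied log line by line and writes one file per day, so the 2GB file is never loaded into memory. The `split_by_day` name, the `firewall-` file prefix, the sample lines and the BSD-style timestamp format are assumptions.

```python
import os
import re
import tempfile

# Assumed BSD-style syslog prefix, e.g. "Mar 25 05:00:01 fw01 ..." (no year field).
STAMP = re.compile(r"^(?:<\d+>)?([A-Z][a-z]{2})\s+(\d{1,2})\s\d{2}:\d{2}:\d{2}\s")


def split_by_day(src_path, out_dir, prefix="firewall"):
    """Stream src_path and append each line to a per-day file; return {day: lines}."""
    os.makedirs(out_dir, exist_ok=True)
    counts = {}
    current_day, out = "undated", None
    # errors="replace" keeps going if the device logged non-UTF-8 bytes.
    with open(src_path, "r", encoding="utf-8", errors="replace") as src:
        for line in src:
            m = STAMP.match(line)
            # Lines without a timestamp stay with the previous line's day.
            day = f"{m.group(1)}-{int(m.group(2)):02d}" if m else current_day
            if out is None or day != current_day:
                if out:
                    out.close()
                current_day = day
                name = os.path.join(out_dir, f"{prefix}-{day}.log")
                out = open(name, "a", encoding="utf-8")
            out.write(line)
            counts[day] = counts.get(day, 0) + 1
    if out:
        out.close()
    return counts


def demo():
    # Constructed sample lines, not taken from a real device.
    sample = (
        "Mar 25 23:59:58 fw01 Built outbound TCP connection 1\n"
        "Mar 26 00:00:01 fw01 Deny tcp src outside:192.0.2.10/4444\n"
        "  continuation line without a timestamp\n"
        "Mar 26 00:00:05 fw01 Teardown TCP connection 1\n"
    )
    work = tempfile.mkdtemp()
    src = os.path.join(work, "syslog-copy.txt")
    with open(src, "w", encoding="utf-8") as f:
        f.write(sample)
    out_dir = os.path.join(work, "daily")
    return split_by_day(src, out_dir), out_dir


if __name__ == "__main__":
    print(demo())
```

Output files are opened in append mode, so write to an empty directory on each run to avoid duplicated lines.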