cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2240
Views
5
Helpful
4
Replies

Looking for a CLI command to see last 20 logging events in a FPR-2110

Kevin Smith
Level 1
Level 1

Looking for a CLI command to see last 20 logging events in a FPR-2110.

1 Accepted Solution

Accepted Solutions

Marvin Rhoads
Hall of Fame
Hall of Fame

The "pigtail" utility may help. Switch to expert mode from the cli and sudo su to run it.

 

pigtail v1.03 (05/13/2015)
--------------------------------------------------------------------------------------------------------------
NAME
    pigtail -- continuously display FireSIGHT management console (and device) logs as the files are written

SYNOPSIS
    pigtail [-d] [-o] [-h] [-raw] [-n number] [-outfile file] [-history start time end time] [-break regex] [-trigger regex command] [filetype ...]

DESCRIPTION

       .-~~~~-. |\\_     pigtail parses, reformats, and displays the contents of several log files
    @_/        /  oo\_   to the screen, updating the display whenever additional lines are added to any of 
      |    \   \   _(")  the log files.  pigtail also colorizes the output so it is easier to discern between 
       \   /-| ||'--'    lines from different log files.  By default it normalizes timestamps, removes some 
        \_\  \_\\        extraneous information, and reformats certain lines to improve readability.
    
    These are the keywords and associated log files that pigtail supports:
            ACTQ  /var/log/action_queue.log
            CPAC  /var/log/idhttpsd/access_log
            CPER  /var/log/idhttpsd/error_log
            CPLG  /var/log/captive_portal.log
            DCSM  /var/log/mojo.log
            DEPL  /var/log/sf/policy_deployment.log
            HTTP  /var/log/httpd/httpsd_error_log
            MOJO  /var/log/mojo/mojo.log
            MSGS  /var/log/messages
            NGFW  /var/log/ngfwManager.log
            NGUI  /var/log/cisco/ngfw-onbox.log
            SERR  /var/log/process_stderr.log
            SOUT  /var/log/process_stdout.log
            SSEC  /var/log/connector/connector.log
            SYDB  /opt/CSCOpx/MDC/log/operation/sydb.out
            TAPP  /var/log/SSE/sse_telemetry.log
            TCAT  /opt/CSCOpx/MDC/tomcat/logs/stdout.logs
            TCLG  /opt/CSCOpx/MDC/log/operation/sftunnel-javaclient.log
            USMS  /opt/CSCOpx/MDC/log/operation/usmsharedsvcs.log
            VMSB  /opt/CSCOpx/MDC/log/operation/vmsbesvcs.log
            VMSS  /opt/CSCOpx/MDC/log/operation/vmssharedsvcs.log

View solution in original post

4 Replies 4

Florin Barhala
Level 6
Level 6
I had no chance working with FTD; can you employ show log | tail -20 maybe? or tail /log_path?

NX-OS on DataCenter SWs has tail function after pipe, it's addictive!

Thanks, i tried the tail command the other day no luck, i think i found out what's  going on with my logging, looks like some kind of debugging left on.....now trying to figure which logging it is.

 

Thanks.

Can you share logging config that you use now?

Marvin Rhoads
Hall of Fame
Hall of Fame

The "pigtail" utility may help. Switch to expert mode from the cli and sudo su to run it.

 

pigtail v1.03 (05/13/2015)
--------------------------------------------------------------------------------------------------------------
NAME
    pigtail -- continuously display FireSIGHT management console (and device) logs as the files are written

SYNOPSIS
    pigtail [-d] [-o] [-h] [-raw] [-n number] [-outfile file] [-history start time end time] [-break regex] [-trigger regex command] [filetype ...]

DESCRIPTION

       .-~~~~-. |\\_     pigtail parses, reformats, and displays the contents of several log files
    @_/        /  oo\_   to the screen, updating the display whenever additional lines are added to any of 
      |    \   \   _(")  the log files.  pigtail also colorizes the output so it is easier to discern between 
       \   /-| ||'--'    lines from different log files.  By default it normalizes timestamps, removes some 
        \_\  \_\\        extraneous information, and reformats certain lines to improve readability.
    
    These are the keywords and associated log files that pigtail supports:
            ACTQ  /var/log/action_queue.log
            CPAC  /var/log/idhttpsd/access_log
            CPER  /var/log/idhttpsd/error_log
            CPLG  /var/log/captive_portal.log
            DCSM  /var/log/mojo.log
            DEPL  /var/log/sf/policy_deployment.log
            HTTP  /var/log/httpd/httpsd_error_log
            MOJO  /var/log/mojo/mojo.log
            MSGS  /var/log/messages
            NGFW  /var/log/ngfwManager.log
            NGUI  /var/log/cisco/ngfw-onbox.log
            SERR  /var/log/process_stderr.log
            SOUT  /var/log/process_stdout.log
            SSEC  /var/log/connector/connector.log
            SYDB  /opt/CSCOpx/MDC/log/operation/sydb.out
            TAPP  /var/log/SSE/sse_telemetry.log
            TCAT  /opt/CSCOpx/MDC/tomcat/logs/stdout.logs
            TCLG  /opt/CSCOpx/MDC/log/operation/sftunnel-javaclient.log
            USMS  /opt/CSCOpx/MDC/log/operation/usmsharedsvcs.log
            VMSB  /opt/CSCOpx/MDC/log/operation/vmsbesvcs.log
            VMSS  /opt/CSCOpx/MDC/log/operation/vmssharedsvcs.log
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: