I am unable to view log files in WSA virtual appliance (S600v) GUI. From System Administration > Log subscriptions I get the below page where there is no FTP link for the log file.
After clicking Access Logs, get the below page.
Do I need to make any change in the options to view the access logs from the appliance (without exporting log to any other ftp server)?
Solved! Go to Solution.
You can view the Logs from command level with grep command with the option of log you want to look.
If you like to look full log you need to download locally using winscp to local PC.
make sense ?
Thank you so much. This is exactly what I am searching for. Actually ftp port was not enabled so i did not get the link previously.
I need some more help and i am mentioning those issues below:
1. I can't view the log files via the link (which uses the domain name) shown beside the accesslogs, but i can view the log file using ip (ftp:<ip_address>/accesslogs. Could you please advise what to do to make the shown link workable?
2. I can not understand on what basis (file size/time etc) each new log file was created? Maximum file size is set to 10G. Below image is for reference.
3. How can i convert these log file into .csv?
4. I have tried to export the log to a remote ftp server. For that, accesslogs > Retrival Method > FTP on remote server and provide the required information. It also create a link of my ftp server and I can access to my ftp server through that link, but I did not find any log file there. Does it required any other manual transfer process? or it will send the log after a periodic interval (though i do not find any option like this.).
Let me try to chip in here :-)
The hostname of the link will be using the hostname of the M1 interface and in order to access it using hostname, you will need to make sure your DNS can resolve this hostname to the IP address of M1 interface.
The file size and time are all depends on your accesslogs configuration of rollover method. if you set rollover by file size 10Gb, and you also set rollover by time for 1 day and your traffic during the day are not much and the accesslogs file still not consume of 10GB and 1 day has passed then it will rollover based of 1 day and the file size is less then 10Gb(will have whatever size of that 1 day).
This works vice versa as well, if your traffic is huge and the file consume 10GB in few minutes for example then it will also rollover even though 1 day has not passed yet.
The log file is csv ready, just rename the file name. However if you have file size 10GB, dont think excel can open that sort of file size.
When you send the log file to remote server such as FTP, make sure the directory that you set to send the log file has correct privilege to put the files in.
Also the rollover configuration will still apply for this.
You can also check the communications between WSA with your FTP server from the "system_logs" or from CLI type displayalerts if the communications have issues.
You can setup ftp config to store logs, but in production environment the logs go up to 10GB size, its hard to read via GUI take ages to load and browser crashes some time, always suggest to use cli or download locally and grep depends on the content you looking for by flitering.