Description fwm logexport exports the Log file to an ASCII file.
Syntax > fwm logexport [-d <delimiter>] [-i <filename>] [-o <outputfile>] [-n] [-p] [-f] [-m {initial|semi|raw}] [-a]
| Parameter | Description |
|---|---|
| `-d <delimiter>` | Set the output delimiter. The default is a semicolon (`;`). |
| `-i <filename>` | The name of the input Log file. The default is the active Log file, |
| `-o <outputfile>` | The name of the output file. The default is printing to the screen. |
| `-n` | Do not perform DNS resolution of the IP addresses in the Log file (this option significantly speeds the processing). |
| `-p` | Do not perform service resolution. A service port number is displayed. |
| `-f` | If this is the active Log file ( |
| `-m {initial\|semi\|raw}` | This flag specifies the unification mode. |
| `-a` | Show account records only (the default is to show all records). |
Comments Controlling the Output of fwm logexport using logexport.ini
The output of fwm logexport can be controlled by creating a file called logexport.ini and placing it in the conf directory: $FWDIR/conf. The logexport.ini file should be in the following format:
```ini
[Fields_Info]
included_fields = field1,field2,field3,<REST_OF_FIELDS>,field100
excluded_fields = field10,field11
```
Note that:

- The `num` field will always appear first, and cannot be manipulated using logexport.ini.
- `<REST_OF_FIELDS>` is a reserved token that refers to a list of fields. It is optional. If the `-f` option is set, `<REST_OF_FIELDS>` is based on a list of fields taken from the file logexport_default.C.
- If `-f` is not set, `<REST_OF_FIELDS>` will be based on the given input log file.
- included_fields and excluded_fields.

Format:
The fwm logexport output appears in tabular format. The first row lists the names of all fields included in the subsequent records. Each of the subsequent rows consists of a single log record, whose fields are sorted in the same order as the first row. If a record has no information on a specific field, this field remains empty (as indicated by two successive semi-colons).
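The tabular format described above can be consumed directly by log-review tooling. The following parser is an added example, not part of the original documentation: the field names other than `num`, the sample records, and the function names are constructed for illustration, and it assumes field values never contain the delimiter.

```python
import io
from collections import Counter

# Constructed sample in the layout described above: header row first,
# "num" as the first field, ";" as delimiter, ";;" marking an empty field.
SAMPLE = """\
num;date;time;action;src;dst;service
0;1Jan2024;10:00:01;accept;10.0.0.5;192.0.2.10;443
1;1Jan2024;10:00:02;drop;10.0.0.9;192.0.2.10;
2;1Jan2024;10:00:03;drop;10.0.0.9;;23
3;1Jan2024;10:00:04;drop;10.0.0.9
"""


def parse_logexport(stream, delimiter=";"):
    """Parse fwm logexport text into (records, malformed).

    records:   list of dicts keyed by the header names; empty fields become None.
    malformed: list of (line_number, raw_line) whose field count does not
               match the header, kept for review instead of silently dropped.
    """
    lines = (ln.rstrip("\r\n") for ln in stream)
    header = next(lines, "").split(delimiter)
    if header[0] != "num":
        # The num field always appears first; anything else is not logexport output.
        raise ValueError("expected 'num' as the first header field")
    records, malformed = [], []
    for lineno, line in enumerate(lines, start=2):
        if not line:
            continue
        values = line.split(delimiter)
        if len(values) != len(header):
            malformed.append((lineno, line))
            continue
        records.append({k: (v or None) for k, v in zip(header, values)})
    return records, malformed


def drops_by_source(records):
    """Count dropped connections per source address (hypothetical triage helper)."""
    return Counter(r["src"] for r in records if r["action"] == "drop" and r["src"])


if __name__ == "__main__":
    recs, bad = parse_logexport(io.StringIO(SAMPLE))
    print(drops_by_source(recs), bad)
```

If the export was produced with a different `-d` delimiter, pass the same character as `delimiter`.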
Example