fw mergefiles

Description

Merges several input log files - Security ($FWDIR/log/*.log) or Audit ($FWDIR/log/*.adtlog) - into a single log file.

Important - Do not merge the current active log files - Security ($FWDIR/log/fw.log) or Audit ($FWDIR/log/fw.adtlog) with other log files. Before the merge, rotate the current active log files with the fw logswitch command.

Notes:

This command unifies the log entries with the same Unique ID (UID).
If you rotate the current active log file before all the segments of a specific log arrive, this command merges the records with the same Unique ID from two different files, into one fully detailed record.
If the size of the final merged exceeds 2GB, this command creates a list of merged files, where each file size is not more than 2GB.
The user receives the following warning:

Warning: The size of the files you have chosen to merge is greater than 2GB. The merge will produce two or more files.

The names of merged files are:
- <Output Log File>.log
- <Output Log File>_1.log
- <Output Log File>_2.log
- ... ...
- <Output Log File>_N.log

Syntax

fw [-d] mergefiles

{-h | -help}

[-s] [-r] [-t <Time Conversion File>] <Log File 1> [<Log File 2> ... <Log File N>] <Output Log File>

Parameters

Parameter	Description
`-d`	Runs the command in debug mode. Use only if you troubleshoot the command itself. Note - If you use this parameter, then redirect the output to a file, or use the `script` command to save the entire CLI session.
`{-h \| -help}`	Shows the built-in usage.
`-r`	Removes duplicate entries.
`-s`	Sorts the merged file by the Time field in log records.
`-t <`Time Conversion File`>`	If you merge log files from Log Servers that are located in different time zones, you can adjust the different times. This parameter specifies a full path and name of a file that instructs this command how to adjust the times during the merge. The format of this plain-text file is: `<`IP address of Log Server #1`> <`Signed Date and Time in Seconds #1`>` `<`IP address of Log Server #2`> <`Signed Date and Time in Seconds #2`>` `... ... ...`
`<`Log File 1`> [<`Log File 2`> ... <`Log File N`>]`	Specifies full paths and names of log files to merge.
`<`Output Log File`>`	Specifies a full path and name of the final merged log file.

Example

[Expert@MyGW:0]# ls -l $FWDIR/*.log

-rw-rw-r-- 1 admin root 189497 Sep 7 00:00 2018-09-07_000000.log

-rw-rw-r-- 1 admin root 14490 Sep 9 09:52 2018-09-09_000000.log

-rw-rw-r-- 1 admin root 30796 Sep 10 10:56 2018-09-10_000000.log

-rw-rw-r-- 1 admin root 24503 Sep 10 13:08 fw.log

[Expert@MyGW:0]#

[Expert@MyGW:0]# fw mergefiles -s $FWDIR/2018-09-07_000000.log $FWDIR/2018-09-09_000000.log $FWDIR/2018-09-10_000000.log /var/log/2018-Sep-Merged.log

[Expert@MyGW:0]#

[Expert@MyGW:0]# ls -l /var/log/2018-Sep-Merged.log*

-rw-rw---- 1 admin root 213688 Sep 10 13:18 /var/log/2018-Sep-Merged.log

-rw-rw---- 1 admin root 8192 Sep 10 13:18 /var/log/2018-Sep-Merged.logLuuidDB

-rw-rw---- 1 admin root 80 Sep 10 13:18 /var/log/2018-Sep-Merged.logaccount_ptr

-rw-rw---- 1 admin root 2264 Sep 10 13:18 /var/log/2018-Sep-Merged.loginitial_ptr

-rw-rw---- 1 admin root 4448 Sep 10 13:18 /var/log/2018-Sep-Merged.logptr

[Expert@MyGW:0]#