Viewing a Log File (asg log)

Description

Use the "asg log" command in the Expert mode to see the contents of a specified log file.

Syntax

asg log [-b <SGM IDs>] --file <Log File> [--from "<Timestamp>"] [--to "<Timestamp>"] [--tail <N>] [--filter <String>]

Parameters

Parameter	Description
`-b <SGM IDs>`	Applies to Security Group A logical group of Security Appliances that provides Active/Active cluster functionality. A Security Group can contain one or more Security Appliances. Security Groups work separately and independently from each other. To the production networks, a Security Group appears a single Security Gateway. Every Security Group contains: (A) Applicable Uplink ports, to which your production networks are connected; (B) Security Appliances (the Quantum Maestro Orchestrator determines the applicable Downlink ports automatically); (C) Applicable management port, to which the Check Point Management Server is connected. Members as specified by the `<SGM IDs>`. `<SGM IDs>` can be: No `<SGM IDs>` specified, or `all` Applies to all Security Group Members and all Maestro Sites One Security Group Member (for example, `1_1`) A comma-separated list of Security Group Members (for example, `1_1,1_4`) A range of Security Group Members (for example, `1_1-1_4`) In Dual Site, one Maestro Site (`chassis1`, or `chassis2`) In Dual Site, the Active Maestro Site (`chassis_active`)
`<Log File>`	Specifies the log file by its type or full path: `audit` If you specify the log type, the output shows all audit logs in the `/var/log/` directory. To specify a log file, enter its full path and name. For example: `/var/log/asgaudit.log.1` `ports` If you specify the log type, the output shows all ports logs in the `/var/log/` directory. To specify a log file, enter its full path and name. For example: `/var/log/ports` `dist_mode` If you specify the log type, the output shows all logs for the Distribution Mode activity. To specify a log file, enter its full path and name. For example: `/var/log/dist_mode` See Working with the Distribution Mode.
`--from "<Timestamp>"`	Shows only the log entries from the specified timestamp and above. You must use the timestamp as it appears in the log file.
`--to "<Timestamp>"`	Shows only the log entries until the specified timestamp. You must use the timestamp as it appears in the log file.
`--tail <N>`	Show only the last `N` lines of the log file for each Security Group Member. For example, "`-tail 3`" shows only the last 3 lines of the specified log file. Default: 10 lines.
`--filter <String>`	Specifies a text string to use as a filter for the log entries. For example: `--filter debug`

Examples

Example 1 - Audit logs (specified by the log type)

[Expert@HostName-ch0x-0x:0]# asg log --file audit

Feb 02 17:36:12 1_01 WARNING: Blade_admin up on blades: 1_02,1_03,1_04,1_05,2_01,2_02,2_03,2_04,2_05, User: y, Reason: y

Feb 03 08:16:17 1_01 WARNING: Blade_admin down on blades: 1_02,1_03,1_04,1_05,2_01,2_02,2_03,2_04,2_05, User: y, Reason: y

Feb 03 08:17:40 1_01 WARNING: Blade_admin up on blades: 1_02,1_03,1_04,1_05,2_01,2_02,2_03,2_04,2_05, User: y, Reason: y

Feb 03 08:19:53 1_01 WARNING: Blade_admin down on blades: 1_02,1_03,1_04,1_05,2_01,2_02,2_03,2_04,2_05, User: y, Reason: y

Feb 03 08:22:33 1_01 WARNING: Blade_admin up on blades: 1_02,1_03,1_04,1_05,2_01,2_02,2_03,2_04,2_05, User: y, Reason: y

Feb 03 08:23:30 1_01 WARNING: Reboot on blades: 1_02,1_03,1_04,1_05,2_01,2_02,2_03,2_04_05, User: y, Reason: y

Feb 03 08:38:16 1_01 WARNING: Reboot on blades: 1_02,1_03,1_04,1_05,2_01,2_02,2_03,2_04,2_05, User: y, Reason: y

Feb 03 09:21:09 1_01 WARNING: Reboot on blades: 1_02,1_03,1_04,1_05,2_01,2_02,2_03,2_04,2_05, User: y, Reason: y

Feb 03 11:07:08 1_01 WARNING: Reboot on blades: 1_02,1_03,1_04,1_05,2_01,2_02,2_03,2_04,2_05, User: y, Reason: y

Feb 03 11:16:56 1_01 WARNING: Reset sic on blades: all, User: y, Reason: y

Feb 03 11:33:10 1_01 WARNING: Reset sic on blades: all, User: y, Reason: y

Feb 03 11:50:08 1_01 WARNING: Reset sic on blades: all, User: y, Reason: y

Feb 03 13:32:32 1_01 WARNING: Reset sic on blades: all, User: y, Reason: y

Feb 03 14:30:26 1_01 WARNING: Reset sic on blades: all, User: johndoe, Reason: test

Feb 03 14:48:03 1_01 WARNING: Reset sic on blades: all, User: johndoe, Reason: test

Feb 03 15:34:11 1_01 WARNING: Reset sic on blades: all, User: y, Reason: y

Feb 03 17:55:23 1_01 WARNING: Reboot on blades: 1_02,1_03,1_04,1_05,2_01,2_02,2_03,2_04,2_05, User: y, Reason: y

[Expert@HostName-ch0x-0x:0]#

Example 2 - Port logs (specified by the log type), last 12 lines

[Expert@HostName-ch0x-0x:0]# asg log --file ports -tail 12

Feb 3 18:01:40 2_05 HostName-ch02-05 cmd: Chassis 1 eth2-09 link is down

Feb 3 18:01:40 2_05 HostName-ch02-05 cmd: Chassis 1 eth2-10 link is down

Feb 3 18:01:40 2_05 HostName-ch02-05 cmd: Chassis 1 eth2-11 link is down

Feb 3 18:01:40 2_05 HostName-ch02-05 cmd: Chassis 1 eth2-12 link is down

Feb 3 18:01:40 2_05 HostName-ch02-05 cmd: Chassis 1 eth2-13 link is down

Feb 3 18:01:40 2_05 HostName-ch02-05 cmd: Chassis 1 eth2-14 link is down

Feb 3 18:01:40 2_05 HostName-ch02-05 cmd: Chassis 1 eth2-15 link is down

Feb 3 18:01:40 2_05 HostName-ch02-05 cmd: Chassis 1 eth2-16 link is down

Feb 3 18:01:40 2_05 HostName-ch02-05 cmd: Chassis 1 eth2-Mgmt1 link is down

Feb 3 18:01:40 2_05 HostName-ch02-05 cmd: Chassis 1 eth2-Mgmt2 link is down

Feb 3 18:01:40 2_05 HostName-ch02-05 cmd: Chassis 1 eth2-Mgmt3 link is down

Feb 3 18:01:40 2_05 HostName-ch02-05 cmd: Chassis 1 eth2-Mgmt4 link is down

[Expert@HostName-ch0x-0x:0]#

Example 3 - Port logs (specified by the full path), filtered by timestamps

[Expert@HostName-ch0x-0x:0]# asg log --file /var/log/ports --from "Feb 21 17:28:41 2019" --to "Feb 21 17:28:41 2019"

Feb 21 17:28:41 2019 1_02 HostName-ch01-02 cphaprob: Setting link state: chassis: 1, interface: eth1-Mgmt1, state: Up Full 10000M