本文档介绍如何使用grep命令从CLI查看思科网络安全设备(WSA)上的日志。
以下是如何运行grep以在访问日志中查找特定域的示例:
wsa.hostname> grep
Currently configured logs:
1. "accesslogs" Type: "Access Logs" Retrieval: FTP Poll
2. "amp_logs" Type: "AMP Engine Logs" Retrieval: FTP Poll
3. "authlogs" Type: "Authentication Framework Logs" Retrieval: FTP Poll
4. "avc_logs" Type: "AVC Engine Logs" Retrieval: FTP Poll
5. "bypasslogs" Type: "Proxy Bypass Logs" Retrieval: FTP Poll
...
42. "webcat_logs" Type: "Web Categorization Logs" Retrieval: FTP Poll
43. "webrootlogs" Type: "Webroot Logs" Retrieval: FTP Poll
44. "welcomeack_logs" Type: "Welcome Page Acknowledgement Logs" Retrieval:
FTP Poll
Enter the number of the log you wish to grep.
[]> 1
Enter the regular expression to grep.
[]> domain.com
Do you want this search to be case insensitive? [Y]>
Do you want to search for non-matching lines? [N]>
Do you want to tail the logs? [N]>
Do you want to paginate the output? [N]>