Filter
Top Products
12-5
Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1
OL-19892-01
Chapter 12 Configuring IP Logging
Displaying the Contents of IP Logs
Displaying the Contents of IP Logs
Use the iplog-status [log-id log_id] [brief] [reverse] [ | {begin regular_expression | exclude
regular_expression | include regular_expression}] command to display the description of the available
IP log contents.
When the log is created, the status reads
added. If and when the first entry is inserted in the log, the status
changes to
started. When the log is completed, because it reaches the packet count limit, for example,
the status changes to
completed.
The following options apply:
• log_id—(Optional) Specifies the log ID of the file for which you want to see the status.
• brief—(Optional) Displays a summary of IP log status information for each log.
• reverse—(Optional) Displays the list in reverse chronological order (newest log first).
• |—(Optional) Indicates that an output processing specification follows.
• regular_expression—Specifies any regular expression found in the IP log status output.
• begin—Searches the output of the more command and displays the output from the first instance of
a specified string.
• exclude—Filters the IP log status output so that it excludes lines that contain a particular regular
expression.
• include—Filters the IP log status output so that it includes lines that contain a particular regular
expression.
Displaying IP Logs
To view the contents of IP logs, follow these steps:
Step 1 Log in to the CLI.
Step 2 Display the status of all IP logs.
sensor# iplog-status
Log ID: 2425
IP Address 1: 192.0.2.1
Virtual Sensor: vs0
Status: started
Start Time: 2003/07/30 18:24:18 2002/07/30 12:24:18 CST
Packets Captured: 1039438
Log ID: 2342
IP Address 1: 192.0.2.10
IP Address 2: 192.0.2.20
Virtual Sensor: vs0
Status: completed
Event ID: 209348
Start Time: 2003/07/30 18:24:18 2002/07/30 12:24:18 CST
End Time: 2003/07/30 18:34:18 2002/07/30 12:34:18 CST
sensor#