This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Missing date in firewall log search

Hello everbody,

I just noticed that in the firewall log search results on the webadmin, the date is not longer displayed.
This is especially helpful when searching over several days. I have currently been able to reproduce this on two appliances with 9.704 and 9.703 installed.

I don't know since when it is no longer displayed, but I believe that this was also displayed earlier.

I would be happy if someone else could confirm it or correct me if i'm wrong.

Regards,

Markus



This thread was automatically locked due to age.
Parents
  • Hello,

    I can confirm, the date field is not display in firewall log search or live view. But was it once present?

    Regards,
    Michael
  • Hello Michael,

    i've searched in my mailbox for older logs, and i've found the output from packetfilter log two years ago, where the logfilename and date will be shown, if i'm searching in the packetfilter log for more than one day:

    /var/log/packetfilter.log:2018:08:23-16:13:18 fw-1 ulogd[16253]: id="2005" severity="info" sys="SecureNet" sub="packetfilter" name="IP spoofing drop" action="IP spoofing drop" fwrule="60008" initf="eth0" srcmac="00:89:c6:d1:dd:6d" dstmac="0f:0a:88:f1:25:f6" srcip="xx.xx.xx.xx" dstip="yy.yy.yy.yy" proto="6" length="168" tos="0x00" prec="0x00" ttl="126" srcport="443" dstport="53784" tcpflags="ACK PSH" 

    Regards,

    Markus

  • Hi Markus,

     it is an problem in the presentation inside the webadmin GUI. The live log and search log output trimm the log file and make nice red, green, white background colors to the lines. 

    If you open the log file as downloaded file you can see the date field and many more. But your primary question was the log search inside the webadmin GUI.

    regards,

    Michael 

  • Hello Markus,

    Thank you for contacting the Sophos Community!

    To add to what Michael said, the Live Log is only for the day, so it won't show the date, Live Log formats the log just to provide the most necessary information, if you want to see the full log you can go to Logging & Reporting >> View Log Files >> Today's Log Files and then click on View instead of Live Log.

    Regards,


     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
  • Hi Emmanuel,

    ok, after a long search i've found a SG appliance with an older Firmware and i could verify my Topic, when i'm searching in the WebAdmin Firewall Log, in more than on day, i get the results with date and many informations more:

    Regards,

    Markus

Reply Children