This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Filtering live web logs

I have looked around, but not found any help.

I have a live view of the web filtering logs open.

I only want to show actions that are block or blocked.

I thought it used regex to do this. I tried:

(\W|^)blocked(\W|$) and (\W|^)block(\W|$)

Neither had any affect.

I also tired just the word block and blocked. I hit enter at the end of each keyword and regex entry.

I have tried the latest versions of Chrome and Firefox. The UTM is up to date. The Filter has never done anything for me.

Can anyone please explain this to me?

Also, is there a good way to parse Sophos logs? They do not use a csv format or any other easy to parse format that I can see. I do a lot in Excel...

Thanks,

C68

This thread was automatically locked due to age.

Parents

0 Michael Dunn over 9 years ago

I'm not 100% sure, but I think the filter only applies to new logs being added to the screen - it does not filter your existing screen full of information.

Does that explain what you are seeing?

By the way, the log is at /var/log/http.log if you want to do your own viewing on the box.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Michael Dunn over 9 years ago

I'm not 100% sure, but I think the filter only applies to new logs being added to the screen - it does not filter your existing screen full of information.

Does that explain what you are seeing?

By the way, the log is at /var/log/http.log if you want to do your own viewing on the box.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data