To access Logger click on Log Messages in the Monitor menu
The filters can be built based on the following fields:
|id||The ID of the message in the database, this is not shown in the GUI by default|
|ip||The IP of the source host|
|rtime||Received time of the message|
|The facility of the message|
|severity||The severity of the message|
|mtime||The time stated within the message|
|host||The host name of the source|
|ident||Ident (Identity) string within the message|
|pid||The PID of the source process|
|event||The Event ID, mainly used in messages from Windows sources|
|msg||The message text|
The columns in Logger can be modified in the same way as the rest of the listviews, see the Listviews chapter.
To perform a search in the archived logs go to Logger in the monitoring menu.
- Create a filter or leave the filter blank to search for all messages
- Click on Run query on Archive in the upper right corner
- Select a start and stop time
- Click on Run query on archive
This will create a report on the specified filter.