https://live.paloaltonetworks.com/t5/general-topics/help-needed-with-pruning-ikemgr-log-outputs-to-show-only/m-p/313752#M80978 <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/134409">@James_Cook</a>,</P><P>There isn't a good way to export that file if this is something that you are doing on a daily basis, also I can't fathom why someone would need to do this on a daily basis.&nbsp;</P><P>You can't simply export&nbsp;<EM>just</EM> this file, but it is included in a technical support file dump; so if you generate a tech-support file you'll be able to export that off of the firewall and then it will contain the ikemgr.log where you can filter it how you like.&nbsp;</P><P>&nbsp;</P><P>Personally I would simply stick to less and build a proper search for what you are looking for. So in the example that you gave you wouldn't actually want to use&nbsp;<EM><STRONG>/<A href="http://www.xxx.yyy.zzz" target="_blank">www.xxx.yyy.zzz</A></STRONG></EM><STRONG>&nbsp;</STRONG>but utilize the search&nbsp;<EM><STRONG>/www[.]xxx[.]yyy[.]zzz&nbsp;</STRONG></EM>instead. Then hit enter to activate the search and you can use 'n' to go to the next result. Maybe that will help make searching through the log in the CLI a bit more usable for you.&nbsp;</P> Sun, 01 Mar 2020 05:26:12 GMT BPry 2020-03-01T05:26:12Z https://live.paloaltonetworks.com/t5/general-topics/help-needed-with-pruning-ikemgr-log-outputs-to-show-only/m-p/313371#M80928 <P>On Palo Alto CLI the only way I know of to see the logs of VPN tunnel Phase I errors etc is this command from inside the vsys via CLI where the VPN tunnel is built:</P><P>&nbsp;</P><P>less mp-log ikemgr.log&nbsp;</P><P>&nbsp;</P><P>1) Are there commands for CLI where I can show just outputs for ONLY certain tunnel information that I'm seeking from the above log command? I've tried stuff like:</P><P>less mp-log ikemgr.log | grep <A href="http://www.xxx.yyy.zzz" target="_blank">www.xxx.yyy.zzz</A>&nbsp; (Peer IP address)</P><P>it returns with 'invalid syntax'</P><P>2) Can the entire ikemgr.log be exported?&nbsp; That way I could pull the entire log and then search it for the interesting traffic I'm looking for.&nbsp; But I need the commands for that too.</P><P>&nbsp;</P><P>I am able to see some of the related traffic I want by running the command that's listed above to show the ikemgr log, and then putting in /<A href="http://www.xxx.yyy.zzz" target="_blank">www.xxx.yyy.zzz</A> after the first page of log results are shown.&nbsp; But that's not exactly what I'm needing.&nbsp; The log file is gigantic and even just going through a single day of the entire log is not possible.</P><P>&nbsp;</P><P>Any help/guidance/suggestions is all appreciated.</P><P>Thanks</P> Thu, 27 Feb 2020 20:06:36 GMT https://live.paloaltonetworks.com/t5/general-topics/help-needed-with-pruning-ikemgr-log-outputs-to-show-only/m-p/313371#M80928 James_Cook 2020-02-27T20:06:36Z https://live.paloaltonetworks.com/t5/general-topics/help-needed-with-pruning-ikemgr-log-outputs-to-show-only/m-p/313752#M80978 <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/134409">@James_Cook</a>,</P><P>There isn't a good way to export that file if this is something that you are doing on a daily basis, also I can't fathom why someone would need to do this on a daily basis.&nbsp;</P><P>You can't simply export&nbsp;<EM>just</EM> this file, but it is included in a technical support file dump; so if you generate a tech-support file you'll be able to export that off of the firewall and then it will contain the ikemgr.log where you can filter it how you like.&nbsp;</P><P>&nbsp;</P><P>Personally I would simply stick to less and build a proper search for what you are looking for. So in the example that you gave you wouldn't actually want to use&nbsp;<EM><STRONG>/<A href="http://www.xxx.yyy.zzz" target="_blank">www.xxx.yyy.zzz</A></STRONG></EM><STRONG>&nbsp;</STRONG>but utilize the search&nbsp;<EM><STRONG>/www[.]xxx[.]yyy[.]zzz&nbsp;</STRONG></EM>instead. Then hit enter to activate the search and you can use 'n' to go to the next result. Maybe that will help make searching through the log in the CLI a bit more usable for you.&nbsp;</P> Sun, 01 Mar 2020 05:26:12 GMT https://live.paloaltonetworks.com/t5/general-topics/help-needed-with-pruning-ikemgr-log-outputs-to-show-only/m-p/313752#M80978 BPry 2020-03-01T05:26:12Z