Traffic Log Search Syntax

cancel
Showing results for 
Search instead for 
Did you mean: 

Traffic Log Search Syntax

L0 Member

What would be the syntax used to create a filter for Traffic logs where one wants to display all traffic initiating or terminating from/to addresses a pre-defined "address-group" ?

4 REPLIES 4

L3 Networker

Hello,

This option is currently not available.There is no way to filter the logs using predefined address objects as the filters will query against the traffic log database which contains logs with ip addresses and not address objects .You can try filtering using a combination of source or destination IP-addresses to achieve this.

Hope this helps.

Yashwanth

Yashwanth A Happy New Year to you!
Thanks for the reply, I was rapidly (well not so rapid) coming to this conclusion...However, having once created the "address" and "address-group" entries is seems a shame to not to be able to use them in certain situations...
A feature request possibly?

Regards

Luke

Understandable that the log records contain the IP and not the group, but why can't the firewall log viewer accept a group object as input and dynamically create a filter (containing all the inherited IP addresses) in the background?

this is something has to be improved.

why can't ? maybe it's about code.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!