CLI searching logs using RegEx

We're on 8.5.4, so I'm referencing Supported Expressions for Search Parameters and trying to parse out logs for a certain string during/after a certain time. I can't seem to get any searches with parentheses in them to work.

 

ddi02 > show log debug /2022\/05\/31 2.*db_jnld.*glq_acquire/
2276:[2022/05/31 22:41:26.407] (22566 db_jnld_recv - 169.254.0.1) glq.c:442 glq_acquire(): dbwrite n 74228 wait 273.151009 0.003679892 # 0.91 write 254.268035 0.003425500 % 84.7
2291:[2022/05/31 22:51:26.432] (22566 db_jnld_recv - 169.254.0.1) glq.c:442 glq_acquire(): dbwrite n 54120 wait 77.036631 0.001423441 # 0.26 write 199.567684 0.003687503 % 66.5
2296:[2022/05/31 22:56:26.466] (22566 db_jnld_recv - 169.254.0.1) glq.c:442 glq_acquire(): dbwrite n 56938 wait 94.144639 0.001653459 # 0.31 write 207.892203 0.003651203 % 69.3
2297:[2022/05/31 23:01:26.496] (22566 db_jnld_recv - 169.254.0.1) glq.c:442 glq_acquire(): dbwrite n 58828 wait 120.967933 0.002056299 # 0.40 write 212.488438 0.003612029 % 70.8
2307:[2022/05/31 23:11:26.637] (22785 db_jnld_send - 169.254.0.1) glq.c:442 glq_acquire(): dbwrite n 53537 wait 116.991460 0.002185245 # 0.39 write 203.923137 0.003809013 % 68.0
2317:[2022/05/31 23:16:26.660] (22566 db_jnld_recv - 169.254.0.1) glq.c:442 glq_acquire(): dbwrite n 64462 wait 139.606082 0.002165711 # 0.47 write 221.343885 0.003433711 % 73.8
2318:[2022/05/31 23:21:26.691] (22566 db_jnld_recv - 169.254.0.1) glq.c:442 glq_acquire(): dbwrite n 59195 wait 124.627921 0.002105379 # 0.42 write 214.791400 0.003628540 % 71.6
2328:[2022/05/31 23:26:26.694] (22566 db_jnld_recv - 169.254.0.1) glq.c:442 glq_acquire(): dbwrite n 60067 wait 126.331297 0.002103173 # 0.42 write 216.446056 0.003603410 % 72.1
2329:[2022/05/31 23:31:26.715] (22566 db_jnld_recv - 169.254.0.1) glq.c:442 glq_acquire(): dbwrite n 59868 wait 149.941921 0.002504542 # 0.50 write 217.500701 0.003633004 % 72.5
2346:[2022/05/31 23:41:26.832] (22566 db_jnld_recv - 169.254.0.1) glq.c:442 glq_acquire(): dbwrite n 58282 wait 106.138193 0.001821114 # 0.35 write 213.419378 0.003661840 % 71.1
2356:[2022/05/31 23:46:27.010] (22566 db_jnld_recv - 169.254.0.1) glq.c:442 glq_acquire(): dbwrite n 59648 wait 116.204888 0.001948177 # 0.39 write 215.597533 0.003614497 % 71.8
2357:[2022/05/31 23:51:27.063] (22566 db_jnld_recv - 169.254.0.1) glq.c:442 glq_acquire(): dbwrite n 59640 wait 103.500566 0.001735422 # 0.34 write 215.896938 0.003620002 % 72.0
2358:[2022/05/31 23:56:27.166] (22566 db_jnld_recv - 169.254.0.1) glq.c:442 glq_acquire(): dbwrite n 62895 wait 133.170474 0.002117346 # 0.44 write 228.111333 0.003626860 % 76.0
ddi02 > show log debug /2022\/05\/31 2(2|3).*db_jnld.*glq_acquire/
No match.
ddi02 > 

Both commands should give me the same output, correct?
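
An added example, not part of the original post and not Infoblox code: it runs the two patterns from the session above through POSIX grep on constructed log lines, comparing basic (BRE) and extended (ERE) syntax. That the NIOS CLI interprets the pattern as a basic regular expression is an assumption; the `/.../` delimiters and `\/` escapes are dropped because grep does not use them.

```shell
#!/bin/sh
# Constructed sample lines in the same shape as the debug log in the post.
sample_log() {
cat <<'EOF'
[2022/05/31 21:56:26.100] (22566 db_jnld_recv - 169.254.0.1) glq.c:442 glq_acquire(): dbwrite n 1
[2022/05/31 22:41:26.407] (22566 db_jnld_recv - 169.254.0.1) glq.c:442 glq_acquire(): dbwrite n 2
[2022/05/31 23:11:26.637] (22785 db_jnld_send - 169.254.0.1) glq.c:442 glq_acquire(): dbwrite n 3
[2022/06/01 02:00:00.000] (22566 db_jnld_recv - 169.254.0.1) glq.c:442 glq_acquire(): dbwrite n 4
EOF
}

# count_matches MODE PATTERN -> prints the number of matching sample lines.
# MODE "bre" is grep's default syntax; "ere" is grep -E.
# grep -c exits 1 on zero matches, so "|| true" keeps the status clean.
count_matches() {
    case "$1" in
        bre) sample_log | grep -c -- "$2" || true ;;
        ere) sample_log | grep -E -c -- "$2" || true ;;
    esac
}

# First command in the post: "2.*" accepts any hour starting with 2 (20-23).
P_PLAIN='2022/05/31 2.*db_jnld.*glq_acquire'
# Second command: in BRE the characters ( | ) are literals, so this looks
# for the text "2(2|3)" in the log; only ERE treats it as alternation.
P_GROUP='2022/05/31 2(2|3).*db_jnld.*glq_acquire'
# A bracket expression means the same thing in both syntaxes.
P_CLASS='2022/05/31 2[23].*db_jnld.*glq_acquire'

for p in "$P_PLAIN" "$P_GROUP" "$P_CLASS"; do
    printf 'bre=%s ere=%s  %s\n' \
        "$(count_matches bre "$p")" "$(count_matches ere "$p")" "$p"
done
```

On the sample, the grouped pattern matches nothing as a BRE, and even as an ERE it returns fewer lines than the first pattern because `2.*` also accepts the 21:56 entry.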
