Is there any way to export raw logs from CS-MARS or is the Query option (or the syslog relay) the only way to interrogate against any log data that is collected by CS-MARS?
So for instance, I wanted to dump either all (or part based on date/time range) logs to a flat file to parse into a more flexible and easier to use log analysis appliance.. is there an easy way to do this? Thanks in advance!
Under the Admin tab click System Maintenance in the second box you will see 'retrieve raw messages'. Click that and tell it what you want