Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
437
Views
0
Helpful
1
Replies

Log files??

SCOTT MCINTIRE
Level 1
Level 1

‎01-31-2002 01:28 PM - edited ‎03-08-2019 09:43 PM

For some reason, our CSPM(2.3.3i) DB lost data for the last 5 days that was there the day before...still investigating. I restored the DB from the backup we did 3 days ago, reinstalled the S15 signature update, and uploaded the configs to sensors. In doing so, the sensor logs had all been reset. I was hoping to get the data from the last 3 days...are there any logs on the sensor(4210 w/3.0(3)S15) that would show all of the signatures detected and also would not be affected by config upload? Thanks.

Labels:
0 Helpful
1 Reply 1

wardwalk
Cisco Employee
Cisco Employee

‎01-31-2002 02:03 PM

You can ftp them off. They'll be named *.log in /usr/nr/var/new. They could also have been archived (if the /usr/nr/var/new directory became full enough) to /usr/nr/var/dump and if so will be named NEWLOG.log.*.Z. In either case, the asterisk will be the date/time stamp of the log file as YYYYMMDDHHMM.

Hope that helps.

0 Helpful
Customers Also Viewed These Support Documents