Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

WSA S370 CLI - Use regular expression with "tail"

Hello

it is possible to somehow filter output from "tail" access logs to match string pattern - similar to "Enter the regular expression" for grep? We have lot of users and sometime I wanted to see real on-the-fly traffic via access logs, but I wanted to point specific IP/username/URL ... but now I am not possible as using "tail" I am able only to specify log type.

> version

Current Version

===============

Product: Cisco IronPort S370 Web Security Appliance

Model: S370

Version: 7.5.0-833

thanks

michal

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: WSA S370 CLI - Use regular expression with "tail"

Hi Michal,

Let me try to rephrase.

On the WSA:

'tail' will tail all the access logs in real time.

'grep' can tail the access logs in real time while grepping for the RegEx you'd like.  Be aware that when you issue the 'grep', there will be an option in which you must answer YES to (tail the output).

-Vance

5 REPLIES
Cisco Employee

WSA S370 CLI - Use regular expression with "tail"

Hi Michal,

The grep command will be tailed.

Really, it is similiar to tail -f aclog.current | grep 'expression'.

-Vance

WSA S370 CLI - Use regular expression with "tail"

Hi Vance,

not sure if understand - you are telling me that it is implemented now or not? Yes I know that using pipes I can get real tailing of logs with matching strings by grep. the question is, if WSA CLI does support it's own "tail" with grep. as using "tail" in WSA CLI I am not able to define regular expression/matching_pattern.

thank you

michal

WSA S370 CLI - Use regular expression with "tail"

Hi Michal,

Are you talking about using the -t flag?  As below:

grep "regex" accesslogs -t

Thanks

Chris

Cisco Employee

Re: WSA S370 CLI - Use regular expression with "tail"

Hi Michal,

Let me try to rephrase.

On the WSA:

'tail' will tail all the access logs in real time.

'grep' can tail the access logs in real time while grepping for the RegEx you'd like.  Be aware that when you issue the 'grep', there will be an option in which you must answer YES to (tail the output).

-Vance

Re: WSA S370 CLI - Use regular expression with "tail"

Hi Vance,

thanks for clarification. I miss that option within "grep"  command for tailing results. excelent!

1646
Views
0
Helpful
5
Replies
CreatePlease to create content