Log Record Format
The following is an example of what you type to restrict to network packet traffic events:
% ... loglvl pkt ... |
Note -
The logiface and logwhy operators imply loglvl pkt.
The following is an example of what you type to restrict to session summary events:
% ... loglvl sess ... |
Note -
In previous SunScreen releases, the sas_logdump program provided -S and -s options that provided a crude form of the loglvl sess feature. Those options are no longer supported.
The following is an example of what you type to restrict to authentication events:
% ... loglvl auth ... |
The following is an example of what you type to restrict to application events:
% ... loglvl app ... |
The filtering mechanisms inherited from snoop related to IP addresses (for example, host, to, from, dst, src, and naked IP addresses and hostnames) have been extended to filter all event types that contain corresponding IP addresses. For example:
% ... from src host ... |
matches packet, session, and extended events that originated from the given source host.
Similarly, the filtering mechanisms inherited from snoop related to TCP and UDP ports (for example, port, dstport and srcport) have been extended to filter all event types that relate to the corresponding services. For example:
% ... port svc ... |
matches packet, session, and extended events that relate to the given service.
- © 2010, Oracle Corporation and/or its affiliates