Viewing Log Aggregation and Analysis

The syslog forwarded from the configured PCS/PPS appliances can be viewed in Appliance Logs. Here, users have a consolidated view of logs generated by every PPS/PCS appliance that is configured to forward its syslogs to the Pulse One server.

The system provides a set of Default Queries below the Appliance Logs menu in the navigation panel. Administrator can also customize the queries and save them for future use. These customized queries are listed below Saved Queries.

The Appliance Logs page allows searching by a string token by typing in the token in the search bar or double-clicking a string in the logs details. The view is then filtered to display all messages with the token that is being searched for. Users can enter multiple tokens separated by space. This customized query can then be saved using the Save Query feature.

To view logs from any of the system default queries, expand Default Queries and click on the query.

To view logs from the customized queries, expand Saved Queries and click on the query.

It is also possible to filter the logs by timestamp. This can be done by choosing a From date and To date in the date fields on the top right.

Users can also choose to filter search results by Match All (will display search results that have all tokens searched for) or Match Any (will display search results that include any of the tokens searched for).

The number of search results to be displayed on the screen can be 50, 100, 250, 500 by making a choice on the bottom left corner of the page. Finally, the search results can span over multiple pages and navigated using the buttons on the bottom right corner of the page.

Only the saved queries can be deleted using the Delete Query feature.