Table of Contents
Advertisement
Setting Log Investigator Filters
Copyright © 2010, Juniper Networks, Inc.
To control the size of this buffer (the number of matching log entries), you can configure
the Max Log Count for your investigations. The limit defines the number of matching log
entries the Log Investigator accepts for its calculations.
You can set the following log entry limits:
100,000 log entries
200,000 log entries
400,000 log entries
600,000 log entries
800,000 log entries
1,000,000 log entries
NOTE: Setting a large buffer limit can degrade Log Investigator performance.
The maximum buffer size of one million log entries uses all memory on the
GUI Server and is not recommended.
Log Investigator filters operate much like Log Viewer filters: You set criteria for log entries
and the Log Investigator filters out log entries that do not match the filter criteria. Using
the Filter Summary dialog box, you can select and apply multiple filters to the Log
Investigator matrix.
To set filters, from the View menu, select Set Filter. Table 106 on page 783 details filter
types:
Table 106: Log Investigator Filters
Filter Type
Time Filter
Address Filters
Direction Filters
Sample Filters
Description
Time Generated
Identifies packets by the time when a packet
is sent from a device.
Src Addr
Identifies packets based on information
about an address of a device from which the
Src Intf
packet was sent or an address of a device to
which the packet was sent.
Dst Addr
Dst Intf
Packets In
Identifies packets based on the direction they
are heading to or from a specified device.
Packets Out
Packets Total
Chapter 19: Logging
783
Advertisement
Table of Contents
