The Armor Management Portal (AMP) only displays logs from the previous 30 days.
- In the Armor Management Portal (AMP), in the left-side navigation, click Security.
- Click Log & Data Management.
- Click Search.
- Enter separate search terms within quotation marks.
- Enter exact search terms, including letter capitalization.
|Date||This column displays the date and time when Armor received the corresponding log.|
|Source||This column displays the name of the virtual machine that generated the log.|
|Message||This column displays the specific log message.|
To better understand how to perform successful searches, consider the following sample log message: 2019-04-08T18:46:09Z INFO No non-zero metrics in the last 30s
In a log message, spaces between words indicates a separate search term. For instance, there are no spaces in 2019-04-08T18:46:09Z. As a result, 2019-04-08T18:46:09Z is considered one search term. In this example, to search for dates, you must enter the complete and exact date; you cannot perform searches with partial search terms, such as 2019-04.
|Successful search parameters||Unsuccessful search parameters||Description|
If the search term contains special characters, such as a colon, then you must perform the search with quotation marks ( " " ).
Also, in this example, the complete search term is 2019-04-08T18:46:09Z. You cannot perform a search on partial search terms, such as 2019.
|You cannot perform a search on partial search terms. In this example, the complete search term is INFO, not INF.|
You can search for different search terms by separating terms with quotation marks.
In this example, the complete search term is 30s, not 30. You cannot perform searches with partial search terms.
Similar to the use of quotation marks, you can also use an asterisk ( * ) to perform a wildcard search for strings.
A wildcard search may take a few more seconds to complete.