Created on 04-17-2024 08:20 AM Edited on 04-17-2024 08:21 AM By Stephen_G
Description | This article describes how to use the 'filter' option in fazbd-log-export init. This article serves as an extension of the knowledge explained in the CLI Reference guide. |
Scope | FortiAnalyzer-BigData, CLI, controller. |
Solution |
The 'filter' option is only available through .json and not available in interactive mode.
vi filter.json
{"adom": "root", "start_date": "2024-04-07", "end_date": "2024-04-09", "log_type": "traffic", "device_ids": ["FGTXXXXXXXXXXXXX"], "filter": "user='ceco2024'", "format": "csv"}
fazbd-log-export init -f filter.json
Successful configuration initialization should have lines like the following:
✔ validate input
fazbd-log-export start xxxxxxxxxxxxxxxxxxxxxxx
To check status:
fazbd-log-export status xxxxxxxxxxxxxxxxxxxxxxx
And/or to send to the SCP server:
fazbd-log-export push xxxxxxxxxxxxxxxxxxxxxxx
fazbd-log-export close xxxxxxxxxxxxxxxxxxxxxxx |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.