|
The 'filter' option is only available through .json and not available in interactive mode.
As a result, it is necessary to pass initialization session configuration from a file.
For example:
- Using vi, create a session configuration file:
vi filter.json
- Type or copy/paste session parameters and include the filter option:
{"adom": "root",
"start_date": "2024-04-07",
"end_date": "2024-04-09",
"log_type": "traffic",
"device_ids": ["FGTXXXXXXXXXXXXX"],
"filter": "user='ceco2024'",
"format": "csv"}
Note the parameter filter is included and set to filter for the user ceco2024.
- Start initialization and pass the configuration file:
fazbd-log-export init -f filter.json
Successful configuration initialization should have lines like the following:
✔ validate input
✔ validate table existence
✔ validate the filter
✔ validate device_ids
✔ estimate the size
WARN: The estimated size of the export is *.**GB. Please ensure the cluster has free space available. Do you want to continue? [Y]es/[N]o/[C]ancel : Y
✔ acquire the session
✔ persist the task
✔ create temp table
log export session created. Session ID: xxxxxxxxxxxxxxxxxxxxxxx
- To start the session, run the following:
fazbd-log-export start xxxxxxxxxxxxxxxxxxxxxxx
To check status:
fazbd-log-export status xxxxxxxxxxxxxxxxxxxxxxx
And/or to send to the SCP server:
fazbd-log-export push xxxxxxxxxxxxxxxxxxxxxxx
To close the session:
fazbd-log-export close xxxxxxxxxxxxxxxxxxxxxxx
|
