I initially set the sensor to capture all Severities, but then after tuning it, I'd like to reduce the scope to just 0-4. But the log under the "Messages" tab keeps showing the full history... is there a way to "prune" the database?

Also, is there a way to search through the messages for specific messages, or by severity?


Article Comments

Hi Mariano,

Thank you for the KB-Post. Syslog messages can only be purged by their age, not by type / severity / etc. You'll find the corresponding option in the Settings of the sensor, so over time the issue will clear itself here too.
Searching through the messages can be done on the "Messages"-Tab of the sensor. The top of the table should allow you to filter for certain messages; that will definitely work to see messages only of a certain severity, and it should also work when filtering (i.e. searching) for a message.

Best regards.


Jun, 2018