Skip to main content

Netskope Help

Monitor Log Processing Status using a Command Line Interface

Monitor the status of a single log file by using the following commands:

  • status log-file-history: Provides details about when the log file was queued for processing, when the log completed processing, how many cloud events are extracted from the log, when the log was uploaded to the cloud, and how long processing took. It also shows any exceptions thrown during processing. 

    "support_tenant_sshkey.key": [
    "queued at 2016-09-28 07:00:47.197000", 
    "moved for processing at 2016-09-28 07:00:47.724000", 
    "splitting started at 2016-09-28 07:00:49.062000", 
    "splitting finished at 2016-09-28 07:00:49.303000", 
    "completed parsing at 2016-09-28 07:00:59.622000", 
    "completed uploading to cloud at 2016-09-28 07:01:06.831000", 
    "extracted 0 events from 27 lines", 
    "no of sessions is 0", 
    "time taken = 0:00:19.634000"
  ],

  • status log-file-history summary <no of days>: Provides a one-line summary of all the log files processed on the OPLP. You can specify the number of days as an input. For example, if you want to see the status of logs processed in the last 3 days, use the command: 

    status log-file-history summary 3

    which returns the log file name, when it was found, and its status: 

    status log-file-history summary 1 
{
"ip2user_mapping.csv found at 2015­03­30 22:06:12.415000 and its moved for processing",
"user2canonical_mapping.csv found at 2015­03­30 22:06:12.457000 and its moved for processing",
"asa_Mon_14.log found at 2015­03­30 21:40:18.976000 and and its parsing is complete",
"asa_Mon_15.log found at 2015­03­24 23:00:25.628000 and and its parsing is complete",
}

  • status log-file-history filename <name of the log file>: Provides details about when the log file was queued for processing, when the log completed processing, how many cloud events are extracted from the log, when the log was uploaded to the cloud, and how long processing took. It also shows any exceptions thrown during processing.

    status log-file-history filename asa_Tue_14.log
{
"asa_Tue_14.log": 
"queued at 2015­03­24 21:40:18.977000",
"moved for processing at 2015­03­24 21:40:19.032000",
"completed parsing at 2015­03­24 21:40:58.683000",
"extracted 1 events from 1 lines", "time taken = 0:00:39.706000",
}

To clear specific alerts, use the following command: 

troubleshooting monitoring clear-unfinished-files

This command removes the following alerts:

  • Log_Process-5a

  • Log_Process-5b

  • Log_Process-5c

  • Files_not_picked_up_24_hrs

  • Files_not_picked_up_48_hrs

  • Files_not_uploaded_24_hrs

  • Files_not_uploaded_48_hrs.

The appliance and the Netskope tenant UI generate metrics alerts with the various system metrics. If you do not want to view metrics alerts, you can disable them. Use the following command in configuration mode:

appliance> configure
Entering configuration mode

appliance(config)# set metrics enable false
In this section: