Forum Discussion

dichotomouse's avatar
dichotomouse
Icon for Nimbostratus rankNimbostratus
May 23, 2016

Is there a way to search the ASM request log for blocks by a certain signature?

I've been looking for this search parameter and can't find it... it seems like something that should be there. Am I missing it?

 

If so, please let me know where it is. If not, I'd like to enter a feature request for it.

 

Our use case is for custom signatures. When we enter a new regex-based signature, it would be nice to quickly be able to search the logs for hits on it. In our case, searching for request contents is not helpful because there is another signature that often has the same text in it.

 

Or, is there a way to export the ASM request log to CSV or Excel format? All I see is a PDF export option which is overly verbose imho, I just want rows of data not nicely formatted pages.

 

Thanks!

 

1 Reply

  • Ideally I would look through the logs in the remote server where i forwarded. You can search with signature ID in the event logs. If the signature ID is not in the logs you could add the storage format under under logging profile, Hope this helps.