Vlog Screen Shots
Here are some sample screens of vlog in curses mode, showing
the ipfilter logfile of a SecurID server.
- raw mode
- formatted mode: with all ipmon fields
- formatted mode: hiding some ipmon fields
- video modes
1. raw mode
Launch vlog, then press the r key for raw mode.
You get the raw lines from /var/log/ipflog in a scrollable window,
truncated to the terminal width.
Something like this:
2. formatted mode: with all ipmon fields
Hit r again to go back to formatted mode, then hit o (for display options)
and a (for all fields).
With the same log lines as above, you get this screen:
Notes:
- when the 'Rulenum' field (ipfilter group and rule number) is blank,
the packet passed thanks to a keep state rule (@65535:0).
In that case the Isba rule number is blank too.
- the name (if possible) or the port number of the service involved
is displayed in parentheses at the right.
If the packet is blocked, the service is displayed in bold.
3. formatted mode: hiding some ipmon fields
To toggle the display of individual fields, use the o
key again, followed by the key of the field.
Here we successively hide the fields: microseconds, hostname, IP header length.
This is convenient for small windows: you see only the information you want:
4. video modes
Video attributes are used to draw attention to the following points:
- bold characters are reserved for blocked packets
- day boundary lines are underlined
- log lines vlog couldn't parse are shown in reverse video.
Namely: log lines for fragmented packets (like the fifth line here), NAT and
STATE lines.
- when a regexp search is done, all matching substrings
are shown in reverse video.
Here the regexp /10.0.131.175/ was searched.
- lines marked by the user (key m) are shown in reverse video.
Here the log line at 00:10:43 was marked.
Note: video attributes may be different on some
terminals (e.g. on a PC console, you see blue foreground chars instead of underlined
chars).
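The display rules from sections 2 to 4 (blank Rulenum for keep state passes, bold for blocked packets, reverse video for lines that can't be parsed, hidden fields) can be sketched in Python. This is an added example, not vlog's own code; the sample lines, the column names and the syslog-prefixed ipmon layout are assumptions.

```python
import re

# Constructed sample lines (syslog prefix + ipmon record); not from the page's screenshots.
SAMPLE = """\
Dec  5 00:10:41 fw1 ipmon[211]: 00:10:40.512345 hme0 @0:12 b 10.0.131.175,3345 -> 192.0.2.10,23 PR tcp len 20 44 -S IN
Dec  5 00:10:43 fw1 ipmon[211]: 00:10:42.100201 hme0 @65535:0 p 192.0.2.10,5500 -> 10.0.131.175,1027 PR udp len 20 72 IN
Dec  5 00:10:44 fw1 ipmon[211]: 00:10:43.900001 hme0 @1:3 p 10.0.131.175 -> 192.0.2.10 PR icmp len 20 84 icmp 8/0 IN
Dec  5 00:10:45 fw1 ipmon[211]: 00:10:44.000100 STATE:NEW 10.0.131.175,1027 -> 192.0.2.10,5500 PR udp
"""

LINE = re.compile(
    r"^(?P<date>\w{3}\s+\d+) (?P<time>[\d:]{8}) (?P<host>\S+) ipmon\[\d+\]: "
    r"[\d:]{8}\.(?P<usec>\d{6}) (?:\d+x )?(?P<iface>\S+) "
    r"@(?P<group>\d+):(?P<rule>\d+) (?P<action>[pbSnL]) "
    r"(?P<src>[^\s,]+)(?:,(?P<sport>[\w-]+))? -> "
    r"(?P<dst>[^\s,]+)(?:,(?P<dport>[\w-]+))? "
    r"PR (?P<proto>\S+) len (?P<hlen>\d+) (?P<plen>\d+)"
)
KEEP_STATE = ("65535", "0")  # rule number the page gives for keep state passes
COLUMNS = ["date", "time", "usec", "host", "iface", "rulenum", "action",
           "src", "sport", "dst", "dport", "proto", "hlen", "plen"]  # hypothetical names

def classify(line):
    """Parse one line; return its fields plus the video style the page describes."""
    m = LINE.match(line)
    if not m:                      # NAT, STATE, fragment lines and anything else
        return {"style": "reverse", "raw": line}
    f = m.groupdict()
    keep = (f["group"], f["rule"]) == KEEP_STATE
    f["rulenum"] = "" if keep else f"{f['group']}:{f['rule']}"
    f["style"] = "bold" if f["action"] == "b" else "normal"
    return f

def render(line, hide=()):
    """Return (style, text), leaving out the columns named in hide."""
    f = classify(line)
    if f["style"] == "reverse":
        return "reverse", f["raw"]
    # "-" stands in for a blank cell so columns stay aligned in plain text
    return f["style"], " ".join(f[c] or "-" for c in COLUMNS if c not in hide)

if __name__ == "__main__":
    for raw in SAMPLE.splitlines():
        print(render(raw, hide=("usec", "host", "hlen")))
```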
Vlog Home Page - last modified on 05-Dec-2001 21:41 MET - Copyright (c) 2001