chimbudp Absent Member.
Absent Member.
223 views

How to override the limits for result events ? how to show more than million records in logger search?

I wanted to extract events to csv from the result of my search. As, I do retrieve more than million records I have been shown by the logger only limited results.

If I wanted to extract more than that, how do i extract

Eg:

deviceVendor="Palo Alto Networks"

Search criteria : Last 3 days.

I get an incomplete search results since it crossed limit 1 million records.

I wanted to extract more than 1 million records, How can I extract the logs ?

Labels (1)
0 Likes
1 Reply
Micro Focus Expert
Micro Focus Expert

Re: How to override the limits for result events ? how to show more than million records in logger search?

Can you add more criteria to your search to reduce the number of events found?

Ideas - add a sourceAddress of interest?

What is the use case for this, why do you want to do this, and what use is a CSV file of 3 days of PAN events?

It should be possible to do this using the Logger API and some scripting.

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.