Log Search Issues - Dimension & WG Clouod

Looking for info on geolocation blocked packets, there are these issues:
1) Dimension - there is no geo_src or geo_dst info in Dimension Log Search log displays.
Please add these fields to the Log Search log displays.
Interestingly, they are on the Dimension Log Manager log displays.

2) Watchguard Cloud - there does not appear to be a way to search for geolocation, as in the log message:
blocked sites (geolocation source)
One can search for blocked* or blocked sites* but a search for geolocation or geolocation* returns nothing.
Searches for
geolocation
and blocked sites (

results in an error.
The search function in WG cloud needs to be improved to allow such seaches.

Comments

  • Interestingly, Dimension 2.1.2 U3 came out yesterday (the day of my post) which addresses item 1)

  • RalphRalph WatchGuard Representative

    Hello Bruce, each "geolocation destination" log has a "geo" tag. You can use that to find all Geolocation deny logs. Something like this should work: geo:*

  • Is there a good reason why the WG Cloud log search function is totally different than for Dimension and Traffic Monitor - the ones that most of us have (often significant) experience with ?

  • RalphRalph WatchGuard Representative

    Hello Bruce, I believe it's related to Log Search performance. On Dimension for example, the query cost is very high because the search is done across all raw log data. The same goes for Per-Client Detail reports.

Sign In to comment.