<div>
<div class="content wysiwyg-content">
I got a ftp drop error frequently on my gentran edi server. the error is as below:<br />
<br />
Sent: Sunday, March 09, 2014 6:08 PM<br />
To: EDI Group<br />
Subject: Error in BaseEDI_Get_SCNCentre PID=4976630<br />
<br />
System of Origin: IBM Sterling B2B Integrator 5.2 .<br />
An ERROR has occurred in process BaseEDI_Get_SCNCentre.<br />
Process ID: 4976630<br />
Error Description: FTPGetError_Get<br />
.<br />
The errored file has been written to /u1/gis5.2/install/_BaseED<wbr />I/inboundE<wbr />rrors with filename 4976630.FTPGetError_Get.20<wbr />1403091805<wbr />89_089.txt<wbr />.<br />
.<br />
More details can be found in the GIS process Monitor.<br />
<br />
<br />
My EDI coworker doubts if the firewall blocked the ftp traffic from time to time. My firewall is an old Cisco PIX 507 firewall with PIX Version 7.2(4). I am using Cisco ASDM 5.2 for PIX to check the firewall status. I saved the firewall log file to a linux box. <br />
<br />
When I was checking the log file, it has a size of 30 G per day, I would like to know if there is a way I can customize the log file so that I capture only the records relates to that server?<br />
<br />
Also, if I want to process that big log file, what linux command can I use to extract the lines with specific word. <br />
<br />
thank you.<br />
<a href="https://filedb.experts-exchange.com/incoming/2014/03_w11/839103/firewall-log-file-analysis.png" target="_blank" class="file-inline" title="filewall log file size (26 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>firewall-log-file-analysis.png</a>
</div>
</div>


firewall-log-file-analysis.png

I got a ftp drop error frequently on my gentran edi server. the error is as below:

Sent: Sunday, March 09, 2014 6:08 PM
To: EDI Group
Subject: Error in BaseEDI_Get_SCNCentre PID=4976630

System of Origin: IBM Sterling B2B Integrator 5.2 .
An ERROR has occurred in process BaseEDI_Get_SCNCentre.
Process ID: 4976630
Error Description: FTPGetError_Get
.
The errored file has been written to /u1/gis5.2/install/_BaseEDI/inboundErrors with filename 4976630.FTPGetError_Get.20140309180589_089.txt.
.
More details can be found in the GIS process Monitor.


My EDI coworker doubts if the firewall blocked the ftp traffic from time to time. My firewall is an old Cisco PIX 507 firewall with PIX Version 7.2(4). I am using Cisco ASDM 5.2 for PIX to check the firewall status. I saved the firewall log file to a linux box. 

When I was checking the log file, it has a size of 30 G per day, I would like to know if there is a way I can customize the log file so that I capture only the records relates to that server?

Also, if I want to process that big log file, what linux command can I use to extract the lines with specific word. 

thank you.

how to extract lines with specific key word from a 30 G firewall log file.

Linux is a UNIX-like open source operating system with hundreds of distinct distributions, including: Fedora, openSUSE, Ubuntu, Debian, Slackware, Gentoo, CentOS, and Arch Linux. Linux is generally associated with web and database servers, but has become popular in many niche industries and applications.

Linux

Cisco PIX is a dedicated hardware firewall appliance; the Cisco Adaptive Security Appliance (ASA) is a firewall and anti-malware security appliance that provides unified threat management and protection the PIX does not. Other Cisco devices and systems include routers, switches, storage networking, wireless and the software and hardware for PIX Firewall Manager (PFM), PIX Device Manager (PDM) and Adaptive Security Device Manager (ASDM).