5.0 Searching

Novell Sentinel Log Manager provides you with an option to perform a search on events. Each time you perform a search for an event, a page opens with the search results. You can refine your search results again. When a user logs in to Sentinel Log Manager, a default search is run and all events that the logged-in user has permission to see are displayed.

You can search the local data in the flat files format in the /data directory or the stored data in compressed format at the configured networked storage location.With the necessary configuration, users can also search system events generated by Sentinel Log Manager, view the raw data for each event, or perform distributed searches across multiple Sentinel Log Manager servers. By default, events are returned in a reverse chronological order. This sort order relates to how the events are stored in the file system partitions.

You can refine search results, view search results, export search results, save search queries as report templates, and send search results to a configured action.

You can also search Sentinel Log Manager servers which are distributed across different geographic location. For more information, see Section 7.0, Searching and Reporting Events in a Distributed Environment.