Cisco Cisco Email Security Appliance C690 User Guide
5-11
Cisco IronPort AsyncOS 7.5 for Email Daily Management Guide
OL-25138-01
Chapter 5 Logging
Overview
Log Filenames and Directory Structure
Cisco IronPort AsyncOS creates a directory for each log subscription based on the
log subscription name. The actual name of the log file in the directory is
composed of the log filename specified by you, the timestamp when the log file
was started, and a single-character status code. The filename of logs are made
using the following formula:
log subscription name. The actual name of the log file in the directory is
composed of the log filename specified by you, the timestamp when the log file
was started, and a single-character status code. The filename of logs are made
using the following formula:
/LogSubscriptionName/LogFilename.@timestamp.statuscode
Status codes may be
.current
or
.s
(signifying saved). You should only transfer
or delete log files with the saved status.
Log Rollover and Transfer Schedule
Log files are created by log subscriptions, and are rolled over (and transferred, if
a push-based retrieval option is selected) based on the first user-specified
condition reached: maximum file size or scheduled rollover. Use the
a push-based retrieval option is selected) based on the first user-specified
condition reached: maximum file size or scheduled rollover. Use the
logconfig
command in the CLI or the Log Subscriptions page in the GUI to configure both
the maximum file size and time interval for scheduled rollovers. You can also use
the Rollover Now button in the GUI or the
the maximum file size and time interval for scheduled rollovers. You can also use
the Rollover Now button in the GUI or the
rollovernow
command in the CLI to
rollover selected log subscriptions. See
for more information on scheduling rollovers.
Logs retrieved using manual download are saved until they reach the maximum
number you specify (the default is 10 files) or until the system needs more space
for log files.
number you specify (the default is 10 files) or until the system needs more space
for log files.
Logs Enabled by Default
Your Cisco IronPort appliance is pre-configured with the following log
subscriptions enabled by default (other logs may be configured depending on
which license keys you have applied). By default, the retrieval method is
“Manually Download.”
subscriptions enabled by default (other logs may be configured depending on
which license keys you have applied). By default, the retrieval method is
“Manually Download.”
Table 5-4
Pre-configured Log Subscriptions
Log #
Log Subscription Name
Log Type
1
antispam
Anti-Spam logs
2
antivirus
Anti-Virus Logs