Cisco Web Security Appliance S670 User Guide

Cisco IronPort AsyncOS 7.7 for Web User Guide
Chapter 24      Logging
Working with Log Subscriptions
  • Weekly Rollover. AsyncOS performs a rollover on one or more days of the week at a specified time. For example, you can set up AsyncOS to roll over the log file every Wednesday and Friday at midnight. To configure a weekly rollover, choose the days of the week to perform the rollover and the time of day in the 24-hour format (HH:MM).
    If you are using the CLI, you can use a dash (-) to specify a range of days, an asterisk (*) to specify every day of the week, or a comma (,) to separate multiple days and times.
    Figure 24-3 shows the settings available for the Weekly Rollover option.
Figure 24-3 Weekly Rollover Settings
Working with Compressed Log Files
To save disk space on the Web Security appliance, log subscriptions can compress rolled over log files before storing them on the disk. Only rolled over logs are compressed. The current active log file is not compressed.
Each log subscription has its own log compression setting, so you can choose which log subscriptions to compress. AsyncOS compresses log files using the gzip compression format.
Viewing the Most Recent Log Files
You can view the most recent version of a log file from the following locations:
  • Web interface. On the System Administration > Log Subscriptions page, click the name of the log subscription in the Log Files column of the list of log subscriptions. When you click the link to the log subscription, AsyncOS prompts you to enter your password. Then it lists the available log files for that subscription. Click one of the log files to view it in your browser or to save it to disk.
  • Command line interface. Use the tail CLI command. AsyncOS displays the configured log subscriptions and prompts you to select the log subscription to view. Use Ctrl+C to exit from the tail command at any time.
Note: If a log subscription is compressed, you must download it before you can decompress and open it.
Configuring Host Keys
Use the logconfig -> hostkeyconfig subcommand to manage host keys for use with SSH when pushing log files to other servers from the Web Security appliance. SSH servers must have a pair of host keys, one private and one public. The private host key resides on the SSH server and cannot be read by remote machines. The public host key is distributed to any client machine that needs to interact with the SSH server.
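Added example (not part of the Cisco guide or of AsyncOS): a public host key received for a log push destination can be checked for consistency and reduced to its SHA-256 fingerprint, which is then compared out of band with the value the server's administrator reports. The function names and the sample key are assumptions constructed for illustration.

```python
import base64
import hashlib
import struct


def parse_public_key(line):
    """Split an OpenSSH public key line into (key_type, raw_blob), checking consistency."""
    fields = line.split()
    if len(fields) < 2:
        raise ValueError("expected '<key-type> <base64-blob> [comment]'")
    declared, b64 = fields[0], fields[1]
    try:
        blob = base64.b64decode(b64, validate=True)
    except ValueError as exc:  # binascii.Error is a ValueError subclass
        raise ValueError("key blob is not valid base64") from exc
    # The blob starts with a 4-byte big-endian length followed by the key type name.
    if len(blob) < 4:
        raise ValueError("key blob is truncated")
    (name_len,) = struct.unpack(">I", blob[:4])
    embedded = blob[4:4 + name_len]
    if len(embedded) != name_len or embedded.decode("ascii", "replace") != declared:
        raise ValueError("declared key type does not match the key blob")
    return declared, blob


def sha256_fingerprint(line):
    """Return SHA256:<unpadded base64 of SHA-256(blob)>, the form OpenSSH prints."""
    _, blob = parse_public_key(line)
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode("ascii").rstrip("=")


def same_host_key(line_a, line_b):
    """True when two key lines carry the same key; the trailing comment is ignored."""
    return parse_public_key(line_a) == parse_public_key(line_b)


def _ssh_string(data):
    """Encode bytes as an SSH wire-format string (length prefix + data)."""
    return struct.pack(">I", len(data)) + data


# Constructed sample, not a usable RSA key: type name, exponent 65537, dummy modulus.
_BLOB = _ssh_string(b"ssh-rsa") + _ssh_string(b"\x01\x00\x01") + _ssh_string(bytes(range(1, 129)))
SAMPLE_KEY = "ssh-rsa " + base64.b64encode(_BLOB).decode("ascii") + " logserver.example"

if __name__ == "__main__":
    print(parse_public_key(SAMPLE_KEY)[0], sha256_fingerprint(SAMPLE_KEY))
```

A key line whose declared type disagrees with its blob, or whose blob is not valid base64, raises ValueError instead of producing a fingerprint.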