Cisco Cisco Web Security Appliance S680 Guía Del Usuario
21-12
AsyncOS 9.0 for Cisco Web Security Appliances User Guide
Chapter 21 Monitor System Activity Through Logs
Log File Names and Appliance Directory Structure
•
Log Compression
•
Retrieval Method
You can also manually archive (rollover) log files.
Step 1
Choose System Administration > Log Subscriptions.
Step 2
Check the checkbox in the Rollover column of the log subscriptions you wish to archive, or check the
All checkbox to select all the subscriptions.
All checkbox to select all the subscriptions.
Step 3
Click Rollover Now to archive the selected logs.
Related Topics
•
•
Log File Names and Appliance Directory Structure
The appliance creates a directory for each log subscription based on the log subscription name. The name
of the log file in the directory is composed of the following information:
of the log file in the directory is composed of the following information:
•
Log file name specified in the log subscription
•
Timestamp when the log file was started
•
A single-character status code, either
.c
(signifying current) or
.s
(signifying saved)
The filename of logs are made using the following formula:
/LogSubscriptionName/LogFilename.@timestamp.statuscode
Note
You should only transfer log files with the saved status.
Reading and Interpreting Log Files
You can read current log file activity as a means of monitoring and troubleshooting the Web Security
appliance. This is done using the appliance interface.
appliance. This is done using the appliance interface.
You can also read archived files for a record of past activity. This can be done using the appliance
interface if the archived files are stored on the appliance; otherwise they must be read from their external
storage location using an appropriate method.
interface if the archived files are stored on the appliance; otherwise they must be read from their external
storage location using an appropriate method.
Each item of information in a log file is represented by a field variable. By determining which fields
represent which items of information, you can look up the field function and interpret the log file
contents. For W3C compliant access logs, the file header lists field names in the order in which they
appear in log entries. For standard Access logs, however, you must consult the documentation regarding
this log type for information on its field order.
represent which items of information, you can look up the field function and interpret the log file
contents. For W3C compliant access logs, the file header lists field names in the order in which they
appear in log entries. For standard Access logs, however, you must consult the documentation regarding
this log type for information on its field order.
Related Topics
•
.
•
.