Cisco Cisco Email Security Appliance X1050 Guía Del Usuario
38-32
Cisco AsyncOS 9.0 for Email User Guide
Chapter 38 Logging
Log Types
Use as a guide to reading the preceding log file.
Using Safelist/Blocklist Logs
shows the statistics recorded in safelist/blocklist logs.
Table 38-26
Detail of LDAP Debug Log Example
Line Number
Description
1.
The log file is initialized.
2.
3.
4.
The listener is configured to use LDAP for masquerading, specifically with the
LDAP query named “sun.masquerade.”
LDAP query named “sun.masquerade.”
The address employee@routing.qa is looked up in the LDAP server, a match is
found, and the resulting masquerade address is employee@mail.qa, which will be
written to the message headers and/or the envelope from, depending on the
masquerade configuration.
found, and the resulting masquerade address is employee@mail.qa, which will be
written to the message headers and/or the envelope from, depending on the
masquerade configuration.
5.
The user has manually run
ldapflush
.
6.
A query is about to be sent to sun.qa, port 389. The query template is:
(&(ObjectClass={g})(mailLocalAddress={a})).
(&(ObjectClass={g})(mailLocalAddress={a})).
The {g} will be replaced by the groupname specified in the calling filter, either a
rcpt-to-group or mail-from-group rule.
rcpt-to-group or mail-from-group rule.
The {a} will be replaced by the address in question.
7.
8.
Now the substitution (described previously) takes place, and this is what the query
looks like before it is sent to the LDAP server.
looks like before it is sent to the LDAP server.
9.
The connection to the server is not yet established, so make a connection.
10.
The data that is sent to the server.
11.
The result is an empty positive, meaning one record was returned, but since the
query didn't ask for any fields, there is no data to report. These are used for both
group and accept queries when the query checks to see if there is a match in the
database.
query didn't ask for any fields, there is no data to report. These are used for both
group and accept queries when the query checks to see if there is a match in the
database.
Table 38-27
Safelist/Blocklist Log Statistics
Statistic
Description
Timestamp
Time that the bytes were transmitted.
Message
The message consists of actions taken, including user authentication, and so forth.