Cisco Cisco Email Security Appliance X1050 Guía Del Usuario
26-41
Cisco AsyncOS 8.0.1 for Email User Guide
Chapter 26 Using Email Security Monitor
Reporting Overview
Sample URL
http://example.com/monitor/content_filters?format=csv&sort_col_ss_0_0_0=MAIL_CONTENT_FILT
ER_INCOMING.RECIPIENTS_MATCHED§ion=ss_0_0_0&date_range=current_day&sort_order
_ss_0_0_0=desc&report_def_id=mga_content_filters
ER_INCOMING.RECIPIENTS_MATCHED§ion=ss_0_0_0&date_range=current_day&sort_order
_ss_0_0_0=desc&report_def_id=mga_content_filters
Adding Basic HTTP Authentication credentials
To specify basic HTTP Authentication credentials to the URL:
http://example.com/monitor/
becomes:
http://username:password@example.com/monitor/
File Format
The downloaded file is in CSV format and has a .csv file extension. The file header has a default
filename, which starts with the name of the report, then the section of the report.
filename, which starts with the name of the report, then the section of the report.
Timestamps
Exports that stream data show begin and end timestamps for each raw “interval” of time. Two begin and
two end timestamps are provided — one in numeric format and the other in human-readable string
format. The timestamps are in GMT time, which should make log aggregation easier if you have
appliances in multiple time zones.
two end timestamps are provided — one in numeric format and the other in human-readable string
format. The timestamps are in GMT time, which should make log aggregation easier if you have
appliances in multiple time zones.
Note that in some rare cases where the data has been merged with data from other sources, the export
file does not include timestamps. For example, the Outbreak Details export merges report data with
Threat Operations Center (TOC) data, making timestamps irrelevant because there are no intervals.
file does not include timestamps. For example, the Outbreak Details export merges report data with
Threat Operations Center (TOC) data, making timestamps irrelevant because there are no intervals.
Keys
Exports also include the report table key(s), even in cases where the keys are not visible in the report. In
cases where a key is shown, the display name shown in the report is used as the column header.
Otherwise, a column header such as “key0,” “key1,” etc. is shown.
cases where a key is shown, the display name shown in the report is used as the column header.
Otherwise, a column header such as “key0,” “key1,” etc. is shown.
Streaming
Most exports stream their data back to the client because the amount of data is potentially very large.
However, some exports return the entire result set rather than streaming data. This is typically the case
when report data is aggregated with non-report data (e.g. Outbreaks Detail.)
However, some exports return the entire result set rather than streaming data. This is typically the case
when report data is aggregated with non-report data (e.g. Outbreaks Detail.)
Reporting Overview
Reporting in AsyncOS involves three basic actions:
•
You can create Scheduled Reports to be run on a daily, weekly, or monthly basis.
•
You can generate a report immediately (“on-demand” report).
•
You can view archived versions of previously run reports (both scheduled and on-demand).
Configure scheduled and on-demand reports via the Monitor > Scheduled Reports page. View archived
reports via the Monitor > Archived Reports page.
reports via the Monitor > Archived Reports page.