Cisco Cisco Email Security Appliance C650 Guía Del Usuario
38-41
User Guide for AsyncOS 9.7 for Cisco Email Security Appliances
Chapter 38 Logging
Log Subscriptions
Step 3
Make changes to the log subscription.
Step 4
Submit and commit your changes.
Configuring Global Settings for Logging
The system periodically records system measurements within the Text Mail Logs and the Status Logs.
Use the Edit Settings button in the Global Settings section of the System Administration > Log
Subscriptions page (or the
Use the Edit Settings button in the Global Settings section of the System Administration > Log
Subscriptions page (or the
logconfig -> setup
command in the CLI) to configure:
•
System metrics frequency. This is the amount of time, in seconds, that the system waits between
recording measurements.
recording measurements.
•
Whether to record the Message-ID headers.
•
Whether to record the remote response status code.
•
Whether to record the subject header of the original message.
•
A list of headers that should be logged for each message.
All logs optionally include the following three pieces of data:
1.
Message-ID
When this option is configured, every message will have its Message ID header logged, if it is
available. Note that this Message-ID may have come from the received message or may have been
generated by AsyncOS itself. For example:
available. Note that this Message-ID may have come from the received message or may have been
generated by AsyncOS itself. For example:
2.
Remote Response
When this option is configured, every message will have its remote response status code logged, if
it is available. For example:
it is available. For example:
The remote response string is the human-readable text received after the response to the DATA
command during the delivery SMTP conversation. In this example, the remote response after the
connection host issued the data command is “queued as 9C8B425DA7.”
command during the delivery SMTP conversation. In this example, the remote response after the
connection host issued the data command is “queued as 9C8B425DA7.”
Whitespace, punctuation, (and in the case of the 250 response, the OK characters) are stripped from
the beginning of the string. Only whitespace is stripped from the end of the string. For example,
Email Security appliances, by default, respond to the DATA command with this string: 250 Ok:
Message MID accepted. So, the string “Message MID accepted” would be logged if the remote host
were another Email Security appliance.
the beginning of the string. Only whitespace is stripped from the end of the string. For example,
Email Security appliances, by default, respond to the DATA command with this string: 250 Ok:
Message MID accepted. So, the string “Message MID accepted” would be logged if the remote host
were another Email Security appliance.
3.
Original Subject Header
Tue Apr 6 14:38:34 2004 Info: MID 1 Message-ID Message-ID-Content
Tue Apr 6 14:38:34 2004 Info: MID 1 RID [0] Response 'queued as 9C8B425DA7'
[...]
250 ok hostname
250 Ok: queued as 9C8B425DA7