Cisco Cisco Email Security Appliance C190 Guía Del Usuario
38-3
AsyncOS 9.1.2 for Cisco Email Security Appliances User Guide
Chapter 38 Logging
Overview
GUI Logs
See HTTP Logs.
HTTP Logs
HTTP logs record information about the HTTP and/or secure HTTP services
enabled on the interface. Because the graphical user interface (GUI) is
accessed via HTTP, the HTTP logs are ostensibly the GUI equivalent of the
CLI Audit logs. Session data (new session, session expired) and pages
accessed in the GUI are recorded.
enabled on the interface. Because the graphical user interface (GUI) is
accessed via HTTP, the HTTP logs are ostensibly the GUI equivalent of the
CLI Audit logs. Session data (new session, session expired) and pages
accessed in the GUI are recorded.
These logs also include information about SMTP transactions, for example
information about scheduled reports emailed from the appliance.
information about scheduled reports emailed from the appliance.
NTP Logs
NTP logs record the conversation between the appliance and any NTP
(Network Time Protocol) servers configured. For more information, see
“Editing the Network Time Protocol (NTP) Configuration (Time Keeping
Method)” in the “System Administration” chapter.
(Network Time Protocol) servers configured. For more information, see
“Editing the Network Time Protocol (NTP) Configuration (Time Keeping
Method)” in the “System Administration” chapter.
LDAP Debug Logs
LDAP debug logs are meant for debugging LDAP installations. (See the
“LDAP Queries” chapter.) Useful information about the queries that the
Email Security appliance is sending to the LDAP server are recorded here.
“LDAP Queries” chapter.) Useful information about the queries that the
Email Security appliance is sending to the LDAP server are recorded here.
Anti-Spam Logs
Anti-spam logs record the status of the anti-spam scanning feature of your
system, including the status on receiving updates of the latest anti-spam
rules. Also, any logs related to the Context Adaptive Scanning Engine are
logged here.
system, including the status on receiving updates of the latest anti-spam
rules. Also, any logs related to the Context Adaptive Scanning Engine are
logged here.
Anti-Spam Archive
If you enabled an Anti-Spam scanning feature, messages that are scanned
and associated with the “archive message” action are archived here. The
format is an mbox-format log file. For more information about anti-spam
engines, see the “Anti-Spam” chapter.
and associated with the “archive message” action are archived here. The
format is an mbox-format log file. For more information about anti-spam
engines, see the “Anti-Spam” chapter.
Anti-Virus Logs
AntiVirus logs record the status of the anti-virus scanning feature of your
system, including the status on receiving updates of the latest anti-virus
identity files.
system, including the status on receiving updates of the latest anti-virus
identity files.
Anti-Virus Archive
If you enabled an anti-virus engine, messages that are scanned and associated
with the “archive message” action are archived here. The format is an
mbox-format log file. For more information, see the “Anti-Virus” chapter.
with the “archive message” action are archived here. The format is an
mbox-format log file. For more information, see the “Anti-Virus” chapter.
AMP Engine Logs
Logging about the status of Advanced Malware Protection features.
AMP Archive
If you have configured mail policies to archive messages that Advanced
Malware Protection has found to have attachments that are unscannable or
contain malware, those messages are archived here. The format is an
mbox-format log file.
Malware Protection has found to have attachments that are unscannable or
contain malware, those messages are archived here. The format is an
mbox-format log file.
Scanning Logs
The scanning log contains all LOG and COMMON messages for scanning
engines (see
engines (see
). This is typically application faults, alert
sent, alert failed, and log error messages. This log does not apply to
system-wide alerts.
system-wide alerts.
Spam Quarantine Logs
Spam Quarantine logs record actions associated with the Spam Quarantine
processes.
processes.
Spam Quarantine GUI Logs
Spam Quarantine logs record actions associated with the Spam Quarantine
including configuration via the GUI, end user authentication, and end user
actions (releasing email, etc.).
including configuration via the GUI, end user authentication, and end user
actions (releasing email, etc.).
Table 38-1
Log Types (continued)
Log
Description