Cisco Email Security Appliance C160 User Guide

User Guide for AsyncOS 9.8 for Cisco Email Security Appliances
 
Chapter 15      Outbreak Filters
  Managing Outbreak Filters
Enabling Alerts for Outbreak Filters
Check the box labeled “Emailed Alerts” to enable alerting for the Outbreak Filters feature. This setting 
only allows the alerting engine to send alerts about Outbreak Filters. Which alerts are sent, and to which 
email addresses, is configured on the Alerts page in the System Administration tab. 
For more information on configuring alerts for Outbreak Filters, see 
Enabling Logging of URLs
Logging of URL-related events is disabled by default. This covers the logs for the following events:
- The category of any URL in the message matches the URL category filters
- The reputation score of any URL in the message matches the URL reputation filters
- Outbreak Filters rewrites any URL in the message
You can enable the logging of these events in the command-line interface using the outbreakconfig command.
Example
The following example shows how to enable logging of URLs using the outbreakconfig command:
mail.example.com> outbreakconfig
Outbreak Filters: Enabled
Choose the operation you want to perform:
- SETUP - Change Outbreak Filters settings.
[]> setup
Outbreak Filters: Enabled
Would you like to use Outbreak Filters? [Y]>
Outbreak Filters enabled.
Outbreak Filter alerts are sent when outbreak rules cross the threshold (go above or back 
down below), meaning that new messages of
certain types could be quarantined or will no longer be quarantined, respectively.
Would you like to receive Outbreak Filter alerts? [N]>
What is the largest size message Outbreak Filters should scan?
[524288]>
Do you want to use adaptive rules to compute the threat level of messages? [Y]>
Logging of URLs is currently disabled.
Do you wish to enable logging of URL's? [N]> Y
Logging of URLs has been enabled.
The Outbreak Filters feature is now globally enabled on the system.  You must use the 
'policyconfig' command in the CLI or the Email
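
The following is an added example, not part of the Cisco guide: a configuration check that reads a saved outbreakconfig session like the one above and reports whether URL logging and Outbreak Filter alerts ended up enabled. The sample transcript is constructed from the prompts shown on this page, and the function names are hypothetical.

```python
import re

# Constructed sample: a captured `outbreakconfig` session modelled on the
# transcript on this page (hostname and answers are illustrative).
SAMPLE = """\
mail.example.com> outbreakconfig
Choose the operation you want to perform:
- SETUP - Change Outbreak Filters settings.
[]> setup
Would you like to use Outbreak Filters? [Y]>
Would you like to receive Outbreak Filter alerts? [N]>
What is the largest size message Outbreak Filters should scan?
[524288]>
Logging of URLs is currently disabled.
Do you wish to enable logging of URL's? [N]> Y
Logging of URLs has been enabled.
"""

# "<question> [<default>]> <typed answer>"; the question may sit on the previous line.
PROMPT = re.compile(r"^(?P<q>.*?)\s*\[(?P<default>[^\]]*)\]>\s*(?P<ans>.*)$")
# Only "is currently disabled" and "has been enabled" appear on the page;
# the other two combinations are assumed to follow the same wording.
URL_STATE = re.compile(r"Logging of URLs (?:is currently|has been) (enabled|disabled)")

def parse_session(text):
    """Map each prompt to its effective answer (typed value, else the default)."""
    answers, prev = {}, ""
    for raw in text.splitlines():
        line = raw.strip()
        m = PROMPT.match(line)
        if m:
            answers[m.group("q") or prev] = m.group("ans").strip() or m.group("default")
        prev = line
    return answers

def url_logging_enabled(text):
    """Return the last URL-logging state reported in the session, or None."""
    states = URL_STATE.findall(text)
    return (states[-1] == "enabled") if states else None

def audit(text):
    """List settings that leave URL events or outbreak alerts unrecorded."""
    findings = []
    if not url_logging_enabled(text):
        findings.append("URL logging is not enabled")
    alerts = parse_session(text).get("Would you like to receive Outbreak Filter alerts?", "N")
    if not alerts.upper().startswith("Y"):
        findings.append("Outbreak Filter alerts are not enabled")
    return findings
```

Calling audit(SAMPLE) flags only the alerts setting, because the session accepted the default N at the alerts prompt while answering Y to the URL logging prompt.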