Cisco Cisco Email Security Appliance C160 Mode D'Emploi

Tracking logs record information about the email operations of AsyncOS. The log messages are a subset 
of the messages recorded in the mail logs.

The tracking logs are used by the appliance’s message tracking component to build the message tracking 
database. Because the log files are consumed in the process of building the database, the tracking logs 
are transient. The information in tracking logs is not designed to be read or analyzed by humans.

You can also view tracking information from multiple Email Security appliances using the Cisco 
Security Management appliance.

The authentication log records successful user logins and unsuccessful login attempts

.

In this example, the log shows the log in attempts by users “admin,” “joe,” and “dan.” 

Fri Sep 19 11:17:52 2008 Info: Starting scheduled update

Fri Sep 19 11:17:52 2008 Info: Scheduled next update to occur at Fri Sep 19 11:22:52 

2008

Time that the bytes were transmitted.

The message consists of the username of a user who attempted to log in to the 
appliance and whether the user was authenticated successfully. 

Wed Sep 17 15:16:25 2008 Info: Begin Logfile

Wed Sep 17 15:16:25 2008 Info: Version: 6.5.0-262 SN: XXXXXXX-XXXXX

Wed Sep 17 15:16:25 2008 Info: Time offset from UTC: 0 seconds

Wed Sep 17 15:18:21 2008 Info: User admin was authenticated successfully.

Wed Sep 17 16:26:17 2008 Info: User joe failed authentication.

Wed Sep 17 16:28:28 2008 Info: User joe was authenticated successfully.

Wed Sep 17 20:59:30 2008 Info: User admin was authenticated successfully.

Wed Sep 17 21:37:09 2008 Info: User dan failed authentication.