Cisco Cisco Content Security Management Appliance M1070 ユーザーガイド
4-33
AsyncOS 8.2 for Cisco Content Security Management User Guide
Chapter 4 Using Centralized Email Security Reporting
Languages and Locales
Note
You can schedule a PDF report or export raw data as a CSV file with a specific locale for that individual
report. The language drop-down menu on the Scheduled Reports page allows you to view or schedule a
PDF report in the users current selected locale and language. See important information at
report. The language drop-down menu on the Scheduled Reports page allows you to view or schedule a
PDF report in the users current selected locale and language. See important information at
Storage of Archived Reports
For information on how long reports are stored for, and when archived reports are deleted from the
system, see
system, see
.
Additional Report Types
Two special reports that can be generated in the Email > Reporting section on the Security Management
appliance are:
appliance are:
•
•
Domain-Based Executive Summary Report
The Domain-Based Executive Summary report provides a synopsis of the incoming and outgoing
message activity for one or more domains in your network. It is similar to the Executive Summary report,
but it limits the report data to the messages sent to and from the domains that you specify. The outgoing
mail summary shows data only when the domain in the PTR (pointer record) of the sending server
matches a domain you specify. If multiple domains are specified, the appliance aggregates the data for
all those domains into a single report.
message activity for one or more domains in your network. It is similar to the Executive Summary report,
but it limits the report data to the messages sent to and from the domains that you specify. The outgoing
mail summary shows data only when the domain in the PTR (pointer record) of the sending server
matches a domain you specify. If multiple domains are specified, the appliance aggregates the data for
all those domains into a single report.
To generate reports for a subdomain, you must add its parent domain as a second-level domain in the
reporting system of the Email Security appliance and the Security Management appliance. For example,
if you add example.com as a second-level domain, its subdomains, such as subdomain.example.com, are
available for reporting. To add second-level domains, use reportingconfig -> mailsetup -> tld
reporting system of the Email Security appliance and the Security Management appliance. For example,
if you add example.com as a second-level domain, its subdomains, such as subdomain.example.com, are
available for reporting. To add second-level domains, use reportingconfig -> mailsetup -> tld
in the
Email Security appliance CLI, and reportingconfig -> domain -> tld in the Security Management
appliance CLI.
appliance CLI.
Unlike other scheduled reports, Domain-Based Executive Summary reports are not archived.
Domain-Based Executive Summary Reports and Messages Blocked by Reputation Filtering
Because messages blocked by reputation filtering do not enter the work queue, AsyncOS does not
process these messages to determine the domain destination. An algorithm estimates the number of
rejected messages per domain. To determine the exact number of blocked messages per domain, you can
delay HAT rejections on the Security Management appliance until the messages reach the recipient level
(RCPT TO). This allows AsyncOS to collect recipient data from the incoming messages. You can delay
rejections using listenerconfig -> setup command on the Email Security appliance. However, this option
can impact system performance. For more information about delayed HAT rejections, see the
documentation for your Email Security appliance.
process these messages to determine the domain destination. An algorithm estimates the number of
rejected messages per domain. To determine the exact number of blocked messages per domain, you can
delay HAT rejections on the Security Management appliance until the messages reach the recipient level
(RCPT TO). This allows AsyncOS to collect recipient data from the incoming messages. You can delay
rejections using listenerconfig -> setup command on the Email Security appliance. However, this option
can impact system performance. For more information about delayed HAT rejections, see the
documentation for your Email Security appliance.