Cisco Cisco Web Security Appliance S390 ユーザーガイド
20-7
AsyncOS 8.1 for Cisco Web Security User Guide
Chapter 20 Monitor System Activity Through Logs
Adding and Editing Log Subscriptions
Step 4
Submit and commit your changes.
Step 5
If you chose SCP as the retrieval method, the appliance displays an SSH key to you must place on the
SCP server host.
SCP server host.
Retrieval Method:
FTP on Appliance
The FTP on Appliance method (equivalent to FTP Poll) requires a remote
FTP client accessing the appliance to retrieve log files using an admin or
operator user’s username and password.
FTP client accessing the appliance to retrieve log files using an admin or
operator user’s username and password.
When you choose this method, you must enter the maximum number of log
files to store on the appliance. When the maximum number is reached, the
system deletes the oldest file.
files to store on the appliance. When the maximum number is reached, the
system deletes the oldest file.
This is the default retrieval method.
Retrieval Method:
FTP on Remote Server
The FTP on Remote Server method (equivalent to FTP Push) periodically
pushes log files to an FTP server on a remote computer.
pushes log files to an FTP server on a remote computer.
When you choose this method, you must enter the following information:
•
FTP server hostname
•
Directory on FTP server to store the log file
•
Username and password of a user that has permission to connect to the
FTP server
FTP server
Note
AsyncOS for Web only supports passive mode for remote FTP
servers. It cannot push log files to an FTP server in active mode.
servers. It cannot push log files to an FTP server in active mode.
Retrieval Method:
SCP on Remote Server
The SCP on Remote Server method (equivalent to SCP Push) periodically
pushes log files using the secure copy protocol to a remote SCP server. This
method requires an SSH SCP server on a remote computer using the SSH2
protocol. The subscription requires a user name, SSH key, and destination
directory on the remote computer. Log files are transferred based on a
rollover schedule set by you.
pushes log files using the secure copy protocol to a remote SCP server. This
method requires an SSH SCP server on a remote computer using the SSH2
protocol. The subscription requires a user name, SSH key, and destination
directory on the remote computer. Log files are transferred based on a
rollover schedule set by you.
When you choose this method, you must enter the following information:
•
SCP server hostname
•
Directory on SCP server to store the log file
•
Username of a user that has permission to connect to the SCP server
Retrieval Method:
Syslog Push
The Syslog Push method sends log messages to a remote syslog server on
port 514. This method conforms to RFC 3164.
port 514. This method conforms to RFC 3164.
When you choose this method, you must enter the following information:
•
Syslog server hostname
•
Protocol to use for transmission, either UDP or TCP
•
Facility to use with the log
You can only choose syslog for text-based logs.
Syslog messages greater than 1024 bytes are truncated. Access logs and
W3C access logs with many custom variables, especially of variable length,
might exceed the 1024 byte limit.
W3C access logs with many custom variables, especially of variable length,
might exceed the 1024 byte limit.
Option
Description