Cisco Cisco Email Security Appliance C190 사용자 가이드
5-3
Cisco IronPort AsyncOS 7.6 for Email Daily Management Guide
OL-25138-01
Chapter 5 Logging
Overview
CLI Audit Logs
The CLI audit logs record all CLI activity on the system.
FTP Server Logs
FTP logs record information about the FTP services enabled on the interface.
Connection details and user activity are recorded.
Connection details and user activity are recorded.
HTTP Logs
HTTP logs record information about the HTTP and/or secure HTTP services
enabled on the interface. Because the graphical user interface (GUI) is
accessed via HTTP, the HTTP logs are ostensibly the GUI equivalent of the
CLI Audit logs. Session data (new session, session expired) and pages
accessed in the GUI are recorded.
enabled on the interface. Because the graphical user interface (GUI) is
accessed via HTTP, the HTTP logs are ostensibly the GUI equivalent of the
CLI Audit logs. Session data (new session, session expired) and pages
accessed in the GUI are recorded.
NTP Logs
NTP logs record the conversation between the appliance and any NTP
(Network Time Protocol) servers configured. For more information, see
“Editing the Network Time Protocol (NTP) Configuration (Time Keeping
Method)” in the “System Administration” chapter of the Cisco IronPort
AsyncOS for Email Configuration Guide.
(Network Time Protocol) servers configured. For more information, see
“Editing the Network Time Protocol (NTP) Configuration (Time Keeping
Method)” in the “System Administration” chapter of the Cisco IronPort
AsyncOS for Email Configuration Guide.
LDAP Debug Logs
LDAP debug logs are meant for debugging LDAP installations. (See the
“LDAP Queries” chapter in the Cisco IronPort AsyncOS for Email Advanced
Configuration Guide.) Useful information about the queries that the Cisco
IronPort appliance is sending to the LDAP server are recorded here.
“LDAP Queries” chapter in the Cisco IronPort AsyncOS for Email Advanced
Configuration Guide.) Useful information about the queries that the Cisco
IronPort appliance is sending to the LDAP server are recorded here.
Anti-Spam Logs
Anti-spam logs record the status of the anti-spam scanning feature of your
system, including the status on receiving updates of the latest anti-spam
rules. Also, any logs related to the Context Adaptive Scanning Engine are
logged here.
system, including the status on receiving updates of the latest anti-spam
rules. Also, any logs related to the Context Adaptive Scanning Engine are
logged here.
Anti-Spam Archive
If you enabled an Anti-Spam scanning feature, messages that are scanned
and associated with the “archive message” action are archived here. The
format is an mbox-format log file. For more information about anti-spam
engines, see the “Anti-Spam” chapter in the Cisco IronPort AsyncOS for
Email Configuration Guide.
and associated with the “archive message” action are archived here. The
format is an mbox-format log file. For more information about anti-spam
engines, see the “Anti-Spam” chapter in the Cisco IronPort AsyncOS for
Email Configuration Guide.
Anti-Virus Logs
AntiVirus logs record the status of the anti-virus scanning feature of your
system, including the status on receiving updates of the latest anti-virus
identity files.
system, including the status on receiving updates of the latest anti-virus
identity files.
Anti-Virus Archive
If you enabled an anti-virus engine, messages that are scanned and associated
with the “archive message” action are archived here. The format is an
mbox-format log file. For more information, see the “Anti-Virus” chapter in
the Cisco IronPort AsyncOS for Email Configuration Guide.
with the “archive message” action are archived here. The format is an
mbox-format log file. For more information, see the “Anti-Virus” chapter in
the Cisco IronPort AsyncOS for Email Configuration Guide.
Scanning Logs
The scanning log contains all LOG and COMMON messages for scanning
engines (see the Alerts section of the “System Administration” chapter in the
Cisco IronPort AsyncOS for Email Configuration Guide). This is typically
application faults, alert sent, alert failed, and log error messages. This log
does not apply to system-wide alerts.
engines (see the Alerts section of the “System Administration” chapter in the
Cisco IronPort AsyncOS for Email Configuration Guide). This is typically
application faults, alert sent, alert failed, and log error messages. This log
does not apply to system-wide alerts.
IronPort Spam Quarantine
Logs
Logs
IronPOrt Spam Quarantine logs record actions associated with the Cisco
IronPort Spam Quarantine processes.
IronPort Spam Quarantine processes.
IronPort Spam Quarantine
GUI Logs
GUI Logs
IronPort Spam Quarantine logs record actions associated with the Cisco
IronPort Spam Quarantine including configuration via the GUI, end user
authentication, and end user actions (releasing email, etc.).
IronPort Spam Quarantine including configuration via the GUI, end user
authentication, and end user actions (releasing email, etc.).
SMTP Conversation Logs
The SMTP conversation log records all parts of incoming and outgoing
SMTP conversations.
SMTP conversations.
Table 5-1
Log Types (continued)
Log
Description