Cisco Email Security Appliance C170 User Guide

User Guide for AsyncOS 10.0 for Cisco Email Security Appliances
 
Chapter 39      Logging
  Log Types
Using Anti-Virus Logs

Table 39-22  AntiVirus Log Statistics

Statistic    Description
Timestamp    Time that the bytes were transmitted
Message      The message consists of the check for the anti-virus update, as well as the results (whether an update of the engine or the virus definitions was needed, etc.)

Anti-Virus Log Example

In this example, the Anti-Virus log shows the Sophos anti-virus engine checking for updates to virus definitions (IDE) and the engine itself.

Thu Sep  9 14:18:04 2004 Info: Checking for Sophos Update
Thu Sep  9 14:18:04 2004 Info: Current SAV engine ver=3.84. No engine update needed
Thu Sep  9 14:18:04 2004 Info: Current IDE serial=2004090902. No update needed.

You can temporarily set this to DEBUG level to help diagnose why the anti-virus engine returns a particular verdict for a given message. The DEBUG logging information is verbose; use with caution.

Using AMP Engine Logs

The AMP Engine logs contain details of:

- File reputation query sent to the file reputation server and response received from the file reputation server.
- File analysis, if the file is uploaded to file analysis server. The status of the file analysis is recorded periodically until a response is received from the file analysis server.

Examples of AMP Engine Log Entries

Following are sample AMP Engine log entries based on certain scenarios:
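
An added example, not from the Cisco guide: the Anti-Virus log entries shown on this page (not the AMP Engine logs), parsed to report the engine version and IDE serial seen at each update check and to list periods in which no update check was logged. The function names, the one-hour `max_gap` threshold and every sample line after the first three are assumptions constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Layout taken from the sample entries on this page: "<timestamp> <level>: <message>"
ENTRY = re.compile(r"^(\w{3} \w{3} [ \d]\d \d\d:\d\d:\d\d \d{4}) (\w+): (.*)$")
ENGINE = re.compile(r"Current SAV engine ver=(\d+(?:\.\d+)*)")
IDE = re.compile(r"Current IDE serial=(\d+)")

def parse_checks(lines):
    """Group entries into update checks: one dict per 'Checking for Sophos Update'."""
    checks = []
    for raw in lines:
        m = ENTRY.match(raw.strip())
        if not m:
            continue  # not an Anti-Virus log entry in the layout above
        when = datetime.strptime(m.group(1), "%a %b %d %H:%M:%S %Y")
        msg = m.group(3)
        if msg.startswith("Checking for Sophos Update"):
            checks.append({"time": when, "engine": None, "ide": None})
        elif checks:
            eng, ide = ENGINE.search(msg), IDE.search(msg)
            if eng:
                checks[-1]["engine"] = eng.group(1)
            if ide:
                checks[-1]["ide"] = ide.group(1)
    return checks

def stale_gaps(checks, now, max_gap=timedelta(hours=1)):
    """Return (start, end) pairs with no update check for longer than max_gap (assumed: 1 hour)."""
    times = [c["time"] for c in checks] + [now]
    return [(a, b) for a, b in zip(times, times[1:]) if b - a > max_gap]

# Constructed sample: first three lines are the page's example, the rest reuse its message forms.
SAMPLE = """\
Thu Sep  9 14:18:04 2004 Info: Checking for Sophos Update
Thu Sep  9 14:18:04 2004 Info: Current SAV engine ver=3.84. No engine update needed
Thu Sep  9 14:18:04 2004 Info: Current IDE serial=2004090902. No update needed.
Thu Sep  9 14:33:05 2004 Info: Checking for Sophos Update
Thu Sep  9 14:33:05 2004 Info: Current SAV engine ver=3.84. No engine update needed
Thu Sep  9 14:33:05 2004 Info: Current IDE serial=2004090902. No update needed.
Thu Sep  9 19:02:11 2004 Info: Checking for Sophos Update
""".splitlines()

if __name__ == "__main__":
    checks = parse_checks(SAMPLE)
    for c in checks:
        print(c["time"], "engine", c["engine"], "IDE", c["ide"])
    for a, b in stale_gaps(checks, now=datetime(2004, 9, 9, 19, 30)):
        print("no update check logged between", a, "and", b)
```

A check whose `engine` or `ide` field stays `None` logged no status line in the forms shown on this page and is worth reading in the raw log.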