Руководство Пользователя для Cisco Cisco Content Security Management Appliance M1070
Chapter 3 Using Centralized Email Reporting
3-58
Cisco IronPort AsyncOS 7.2.0 for Security Management User Guide
OL-21768-01
Archived reports are deleted automatically — up to 12 instances of each
scheduled report (up to 1000 reports) are kept. As new reports are added, older
ones are deleted to keep the number at 1000. The limit of 12 instances applies to
each scheduled report, not to the report type.
scheduled report (up to 1000 reports) are kept. As new reports are added, older
ones are deleted to keep the number at 1000. The limit of 12 instances applies to
each scheduled report, not to the report type.
Reporting Filters
AsyncOS provides reporting filters that allow you to restrict the aggregation of
data in reports that cover the previous year (Last Year reports). You can use these
filters if the performance of aggregated reporting decreases due to a large number
of unique entries over the course of a month. These filters can restrict detailed,
individual IP, domain, or user data in reports. Overview reports and summary
information remain available for all reports.
data in reports that cover the previous year (Last Year reports). You can use these
filters if the performance of aggregated reporting decreases due to a large number
of unique entries over the course of a month. These filters can restrict detailed,
individual IP, domain, or user data in reports. Overview reports and summary
information remain available for all reports.
You can enable one or more of the reporting filters using the
reportingconfig ->
filters
menu in the CLI. The changes must be committed to take effect.
Use the following reporting filters to restrict data aggregation:
•
IP Connection Level Detail. Enabling this filter prevents the Security
Management appliance from recording information about individual IP
addresses. This filter is appropriate for systems that process a large number
of incoming IP addresses due to attacks.
Management appliance from recording information about individual IP
addresses. This filter is appropriate for systems that process a large number
of incoming IP addresses due to attacks.
This filter affects the following Last Year reports:
–
Sender Profile for Incoming Mail
–
IP Addresses for Incoming Mail
–
IP Addresses for Outgoing Senders
•
User Detail. Enabling this filter prevents the Security Management appliance
from recording information about individual users sending and receiving mail
and the content filters that are applied to the users’ mail. This filter is
appropriate for appliances that process mail for millions of internal users or
if the system does not validate recipient addresses.
from recording information about individual users sending and receiving mail
and the content filters that are applied to the users’ mail. This filter is
appropriate for appliances that process mail for millions of internal users or
if the system does not validate recipient addresses.
This filter affects the following Last Year reports:
–
Internal Users
–
Internal User Details
–
IP Addresses for Outgoing Senders