Cisco Cisco Email Security Appliance C160 用户指南
34-3
Cisco AsyncOS 8.0.1 for Email User Guide
Chapter 34 Logging
Overview
HTTP Logs
HTTP logs record information about the HTTP and/or secure HTTP services
enabled on the interface. Because the graphical user interface (GUI) is
accessed via HTTP, the HTTP logs are ostensibly the GUI equivalent of the
CLI Audit logs. Session data (new session, session expired) and pages
accessed in the GUI are recorded.
enabled on the interface. Because the graphical user interface (GUI) is
accessed via HTTP, the HTTP logs are ostensibly the GUI equivalent of the
CLI Audit logs. Session data (new session, session expired) and pages
accessed in the GUI are recorded.
These logs also include information about SMTP transactions, for example
information about scheduled reports emailed from the appliance.
information about scheduled reports emailed from the appliance.
NTP Logs
NTP logs record the conversation between the appliance and any NTP
(Network Time Protocol) servers configured. For more information, see
“Editing the Network Time Protocol (NTP) Configuration (Time Keeping
Method)” in the “System Administration” chapter of the Cisco IronPort
AsyncOS for Email Configuration Guide.
(Network Time Protocol) servers configured. For more information, see
“Editing the Network Time Protocol (NTP) Configuration (Time Keeping
Method)” in the “System Administration” chapter of the Cisco IronPort
AsyncOS for Email Configuration Guide.
LDAP Debug Logs
LDAP debug logs are meant for debugging LDAP installations. (See the
“LDAP Queries” chapter in the Cisco IronPort AsyncOS for Email Advanced
Configuration Guide.) Useful information about the queries that the Cisco
appliance is sending to the LDAP server are recorded here.
“LDAP Queries” chapter in the Cisco IronPort AsyncOS for Email Advanced
Configuration Guide.) Useful information about the queries that the Cisco
appliance is sending to the LDAP server are recorded here.
Anti-Spam Logs
Anti-spam logs record the status of the anti-spam scanning feature of your
system, including the status on receiving updates of the latest anti-spam
rules. Also, any logs related to the Context Adaptive Scanning Engine are
logged here.
system, including the status on receiving updates of the latest anti-spam
rules. Also, any logs related to the Context Adaptive Scanning Engine are
logged here.
Anti-Spam Archive
If you enabled an Anti-Spam scanning feature, messages that are scanned
and associated with the “archive message” action are archived here. The
format is an mbox-format log file. For more information about anti-spam
engines, see the “Anti-Spam” chapter in the Cisco IronPort AsyncOS for
Email Configuration Guide.
and associated with the “archive message” action are archived here. The
format is an mbox-format log file. For more information about anti-spam
engines, see the “Anti-Spam” chapter in the Cisco IronPort AsyncOS for
Email Configuration Guide.
Anti-Virus Logs
AntiVirus logs record the status of the anti-virus scanning feature of your
system, including the status on receiving updates of the latest anti-virus
identity files.
system, including the status on receiving updates of the latest anti-virus
identity files.
Anti-Virus Archive
If you enabled an anti-virus engine, messages that are scanned and associated
with the “archive message” action are archived here. The format is an
mbox-format log file. For more information, see the “Anti-Virus” chapter in
the Cisco IronPort AsyncOS for Email Configuration Guide.
with the “archive message” action are archived here. The format is an
mbox-format log file. For more information, see the “Anti-Virus” chapter in
the Cisco IronPort AsyncOS for Email Configuration Guide.
Scanning Logs
The scanning log contains all LOG and COMMON messages for scanning
engines (see the Alerts section of the “System Administration” chapter in the
Cisco IronPort AsyncOS for Email Configuration Guide). This is typically
application faults, alert sent, alert failed, and log error messages. This log
does not apply to system-wide alerts.
engines (see the Alerts section of the “System Administration” chapter in the
Cisco IronPort AsyncOS for Email Configuration Guide). This is typically
application faults, alert sent, alert failed, and log error messages. This log
does not apply to system-wide alerts.
IronPort Spam Quarantine
Logs
Logs
IronPOrt Spam Quarantine logs record actions associated with the Cisco
Spam Quarantine processes.
Spam Quarantine processes.
IronPort Spam Quarantine
GUI Logs
GUI Logs
IronPort Spam Quarantine logs record actions associated with the Cisco
Spam Quarantine including configuration via the GUI, end user
authentication, and end user actions (releasing email, etc.).
Spam Quarantine including configuration via the GUI, end user
authentication, and end user actions (releasing email, etc.).
SMTP Conversation Logs
The SMTP conversation log records all parts of incoming and outgoing
SMTP conversations.
SMTP conversations.
Table 34-1
Log Types (continued)
Log
Description