IronPort - daily management guide - AsyncOS 7.6.1
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Chapter 5 Logging<br />
OL-25138-01<br />
Table 5-1 Log Types (continued)<br />
Log Description<br />
CLI Audit Logs The CLI audit logs record all CLI activity on the system.<br />
Cisco <strong>IronPort</strong> <strong>AsyncOS</strong> 7.6 for Email Daily Management Guide<br />
Overview<br />
FTP Server Logs FTP logs record information about the FTP services enabled on the interface.<br />
Connection details and user activity are recorded.<br />
HTTP Logs HTTP logs record information about the HTTP and/or secure HTTP services<br />
enabled on the interface. Because the graphical user interface (GUI) is<br />
accessed via HTTP, the HTTP logs are ostensibly the GUI equivalent of the<br />
CLI Audit logs. Session data (new session, session expired) and pages<br />
accessed in the GUI are recorded.<br />
NTP Logs NTP logs record the conversation between the appliance and any NTP<br />
(Network Time Protocol) servers configured. For more information, see<br />
“Editing the Network Time Protocol (NTP) Configuration (Time Keeping<br />
Method)” in the “System Administration” chapter of the Cisco <strong>IronPort</strong><br />
<strong>AsyncOS</strong> for Email Configuration Guide.<br />
LDAP Debug Logs LDAP debug logs are meant for debugging LDAP installations. (See the<br />
“LDAP Queries” chapter in the Cisco <strong>IronPort</strong> <strong>AsyncOS</strong> for Email Advanced<br />
Configuration Guide.) Useful information about the queries that the Cisco<br />
<strong>IronPort</strong> appliance is sending to the LDAP server are recorded here.<br />
Anti-Spam Logs Anti-spam logs record the status of the anti-spam scanning feature of your<br />
system, including the status on receiving updates of the latest anti-spam<br />
rules. Also, any logs related to the Context Adaptive Scanning Engine are<br />
logged here.<br />
Anti-Spam Archive If you enabled an Anti-Spam scanning feature, messages that are scanned<br />
and associated with the “archive message” action are archived here. The<br />
format is an mbox-format log file. For more information about anti-spam<br />
engines, see the “Anti-Spam” chapter in the Cisco <strong>IronPort</strong> <strong>AsyncOS</strong> for<br />
Email Configuration Guide.<br />
Anti-Virus Logs AntiVirus logs record the status of the anti-virus scanning feature of your<br />
system, including the status on receiving updates of the latest anti-virus<br />
identity files.<br />
Anti-Virus Archive If you enabled an anti-virus engine, messages that are scanned and associated<br />
with the “archive message” action are archived here. The format is an<br />
mbox-format log file. For more information, see the “Anti-Virus” chapter in<br />
the Cisco <strong>IronPort</strong> <strong>AsyncOS</strong> for Email Configuration Guide.<br />
Scanning Logs The scanning log contains all LOG and COMMON messages for scanning<br />
engines (see the Alerts section of the “System Administration” chapter in the<br />
Cisco <strong>IronPort</strong> <strong>AsyncOS</strong> for Email Configuration Guide). This is typically<br />
application faults, alert sent, alert failed, and log error messages. This log<br />
does not apply to system-wide alerts.<br />
<strong>IronPort</strong> Spam Quarantine<br />
Logs<br />
<strong>IronPort</strong> Spam Quarantine<br />
GUI Logs<br />
IronPOrt Spam Quarantine logs record actions associated with the Cisco<br />
<strong>IronPort</strong> Spam Quarantine processes.<br />
<strong>IronPort</strong> Spam Quarantine logs record actions associated with the Cisco<br />
<strong>IronPort</strong> Spam Quarantine including configuration via the GUI, end user<br />
authentication, and end user actions (releasing email, etc.).<br />
SMTP Conversation Logs The SMTP conversation log records all parts of incoming and outgoing<br />
SMTP conversations.<br />
5-3