Authentication Logs
|
The
authentication log records successful logins and unsuccessful login attempts,
for locally and externally authenticated users, for both GUI and CLI access to
the Security Management appliance.
In Debug and
more verbose modes, if external authentication is turned on, all LDAP queries
appear in these logs.
|
Backup Logs
|
Backup logs
record the backup process from start to finish.
Information
about backup scheduling is in the SMA logs.
|
CLI Audit
Logs
|
The CLI audit
logs record all CLI activity on the system.
|
Configuration
History Logs
|
Configuration
history logs record the following information: What changes were made on the
Security Management appliance, and when were the changes made? A new
configuration history log is created each time a user commits a change.
|
FTP Server
Logs
|
FTP logs
record information about the FTP services enabled on the interface. Connection
details and user activity are recorded.
|
GUI logs
|
GUI logs
include a history of page refreshes in the web interface, session data, and the
pages a user accesses. You can use the gui_log to track user activity or
investigate errors that users see in the GUI. The error traceback will normally
be in this log.
GUI logs also
include information about SMTP transactions, for example information about
scheduled reports emailed from the appliance.
|
HTTP Logs
|
HTTP logs
record information about the HTTP and secure HTTP services enabled on the
interface. Because the graphical user interface (GUI) is accessed through HTTP,
the HTTP logs are essentially the GUI equivalent of the CLI audit logs. Session
data (for example, new sessions and expired sessions) are recorded, as well as
the pages accessed in the GUI.
|
Haystack logs
|
Haystack logs
record web transaction tracking data processing.
|
Text Mail
Logs
|
Text mail
logs record information about the operations of the email system (for example,
message receiving, message delivery attempts, opening and closing connections,
bouncing messages, and so forth).
For important information about when attachment names are included in mail logs, see Tracking Service Overview.
|
LDAP Debug
Logs
|
Use these
logs to debug problems when you are configuring LDAP in System Administration
> LDAP.
For example,
these logs record the results of clicking the Test Server and Test Queries
buttons.
For
information about failed LDAP authentications, see the Authentication logs.
|
NTP Logs
|
NTP logs
record the conversation between the appliance and any configured Network Time
Protocol (NTP) servers. For information about configuring NTP servers, see
Configuring the System Time.
|
Reporting
Logs
|
Reporting
logs record actions associated with the processes of the centralized reporting
service.
|
Reporting
Query Logs
|
Reporting
query logs record actions associated with the reporting queries that are run on
the appliance.
|
SMA Logs
|
SMA logs
record actions associated with general Security Management appliance processes,
not including the processes of the centralized reporting, centralized tracking,
and spam quarantine services.
These logs
include information about backup scheduling.
|
SNMP Logs
|
SNMP logs
record debug messages related to the SNMP network management engine. In Trace
or Debug mode, this includes SNMP requests to the Security Management
appliance.
|
Safelist/Blocklist Logs
|
Safelist/blocklist logs record data about the safelist/blocklist settings and
database.
|
Spam
Quarantine GUI Logs
|
Spam
quarantine GUI logs record actions associated with the spam quarantine GUI,
such as quarantine configuration through the GUI, end user authentication, and
end user actions (for example, releasing email).
|
Spam
Quarantine Logs
|
Spam
quarantine logs record actions associated with the spam quarantine processes.
|
Status Logs
|
Status logs
record system statistics found in the CLI status commands, including status
detail and dnsstatus . The period of recording is set using the setup
subcommand in logconfig . Each counter or rate reported in status logs is the
value since the last time the counter was reset.
|
System Logs
|
System logs
record the following: boot information, DNS status information, and comments
users typed using the commit command. System logs are useful for
troubleshooting the state of the appliance.
|
Tracking
Logs
|
Tracking
logs record actions associated with the processes of the tracking service.
Tracking logs are a subset of the mail logs.
|
Updater
Logs
|
Information
about service updates, such as time zone updates.
|
Upgrade
Logs
|
Status
information about upgrade download and installation.
|