Question
How do I create and configure logs on the Cisco ESA (Email Security Appliance)?
Answer
Logging is an important feature of the Cisco Email Security Appliance (ESA). AsyncOS on the ESA can generate many types of logs, each recording a different kind of information. Log files contain records of normal operations and exceptions from the various components of the system. This information is useful while monitoring the Cisco ESA as well as when troubleshooting or checking performance.
Logs can be configured and created with the "logconfig" command in the CLI, or in the GUI under 'System Administration' > 'Log Subscriptions' > 'Add Log Subscription ...'.
The following example creates an LDAP debug log subscription using the CLI.
-------------------------------------------------------------------------------------
CLI> logconfig
Currently configured logs:
1. "antivirus" Type: "Anti-Virus Logs" Retrieval: FTP Poll
2. "avarchive" Type: "Anti-Virus Archive" Retrieval: FTP Poll
3. "bounces" Type: "Bounce Logs" Retrieval: FTP Poll
4. "brightmail" Type: "Symantec Brightmail Anti-Spam Logs" Retrieval: FTP Poll
5. "cli_logs" Type: "CLI Audit Logs" Retrieval: FTP Poll
Choose the operation you want to perform:
- NEW - Create a new log.
- EDIT - Modify a log subscription.
- DELETE - Remove a log subscription.
- SETUP - General settings.
- LOGHEADERS - Configure headers to log.
- HOSTKEYCONFIG - Configure SSH host keys.
[]> NEW
Choose the log file type for this subscription:
...
2. qmail Format Mail Logs
3. Delivery Logs
4. Bounce Logs
5. Status Logs
6. Domain Debug Logs
7. Injection Debug Logs
8. System Logs
9. CLI Audit Logs
10. FTP Server Logs
11. HTTP Logs
12. NTP logs
13. Mailflow Report Logs
14. Symantec Brightmail Anti-Spam Logs
15. Symantec Brightmail Anti-Spam Archive
16. Anti-Virus Logs
17. Anti-Virus Archive
18. LDAP Debug Logs
[1]> 18
Please enter the name for the log:
[]> ldap_debug
Choose the method to retrieve the logs.
1. FTP Poll
2. FTP Push
3. SCP Push
[1]>
Filename to use for log files:
[ldap.log]>
Please enter the maximum file size:
[10485760]>
Please enter the maximum number of files:
[10]>
Currently configured logs:
1. "antivirus" Type: "Anti-Virus Logs" Retrieval: FTP Poll
2. "avarchive" Type: "Anti-Virus Archive" Retrieval: FTP Poll
3. "bounces" Type: "Bounce Logs" Retrieval: FTP Poll
....
7. "ftpd_logs" Type: "FTP Server Logs" Retrieval: FTP Poll
8. "gui_logs" Type: "HTTP Logs" Retrieval: FTP Poll
9. "ldap_debug" Type: "LDAP Debug Logs" Retrieval: FTP Poll
.....
CLI> commit
The following example modifies an existing log.
-------------------------------------------------------------------------------------
CLI> logconfig
Currently configured logs:
1. "antivirus" Type: "Anti-Virus Logs" Retrieval: FTP Poll
2. "avarchive" Type: "Anti-Virus Archive" Retrieval: FTP Poll
3. "bounces" Type: "Bounce Logs" Retrieval: FTP Poll
4. "brightmail" Type: "Symantec Brightmail Anti-Spam Logs" Retrieval: FTP Poll
5. "cli_logs" Type: "CLI Audit Logs" Retrieval: FTP Poll
.....
Choose the operation you want to perform:
- NEW - Create a new log.
- EDIT - Modify a log subscription.
- DELETE - Remove a log subscription.
- SETUP - General settings.
- LOGHEADERS - Configure headers to log.
- HOSTKEYCONFIG - Configure SSH host keys.
[]> EDIT
Enter the number of the log you wish to edit.
[]> 9
Please enter the name for the log:
[ldap_debug]>
Choose the method to retrieve the logs.
1. FTP Poll
2. FTP Push
3. SCP Push
[1]>
Please enter the filename for the log:
[ldap.log]>
Please enter the maximum file size:
[10485760]> 52422880
Please enter the maximum number of files:
[10]> 100
Currently configured logs:
1. "antivirus" Type: "Anti-Virus Logs" Retrieval: FTP Poll
2. "avarchive" Type: "Anti-Virus Archive" Retrieval: FTP Poll
3. "bounces" Type: "Bounce Logs" Retrieval: FTP Poll
4. "brightmail" Type: "Symantec Brightmail Anti-Spam Logs" Retrieval: FTP Poll
5. "cli_logs" Type: "CLI Audit Logs" Retrieval: FTP Poll
....
CLI > commit
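
The "Currently configured logs:" listing shown in both sessions can be checked offline once it has been saved to a file. The script below is an added example, not Cisco code: it parses rows in the format shown above, flags subscriptions retrieved over FTP (which carries credentials and log data unencrypted, unlike SCP Push), and reports required log types that have no subscription. The REQUIRED_TYPES set and the SAMPLE listing (including its SCP Push row) are assumptions constructed for the example.

```python
import re

# One row of the "Currently configured logs:" listing printed by logconfig.
ROW = re.compile(
    r'^\s*(?P<num>\d+)\.\s+"(?P<name>[^"]+)"\s+Type:\s+"(?P<type>[^"]+)"'
    r'\s+Retrieval:\s+(?P<retrieval>.+?)\s*$'
)

# Assumption: log types this site requires; adjust to local policy.
REQUIRED_TYPES = {"CLI Audit Logs", "HTTP Logs", "System Logs"}

# Constructed sample in the format shown on this page (not real appliance output).
SAMPLE = '''Currently configured logs:
1. "antivirus" Type: "Anti-Virus Logs" Retrieval: FTP Poll
5. "cli_logs" Type: "CLI Audit Logs" Retrieval: FTP Poll
8. "gui_logs" Type: "HTTP Logs" Retrieval: FTP Poll
9. "ldap_debug" Type: "LDAP Debug Logs" Retrieval: SCP Push
....
'''


def parse_listing(text):
    """Return one dict per subscription row; header and '....' lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            rows.append({**m.groupdict(), "num": int(m.group("num"))})
    return rows


def audit(rows, required=REQUIRED_TYPES):
    """Report FTP-based retrieval and required log types with no subscription."""
    ftp = [r["name"] for r in rows if r["retrieval"].upper().startswith("FTP")]
    present = {r["type"] for r in rows}
    return {"ftp_retrieval": ftp, "missing_types": sorted(set(required) - present)}


if __name__ == "__main__":
    report = audit(parse_listing(SAMPLE))
    for name in report["ftp_retrieval"]:
        print(f"unencrypted retrieval (FTP): {name}")
    for log_type in report["missing_types"]:
        print(f"no subscription for required type: {log_type}")
```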