You can configure Symantec Brightmail Gateway to send message audit log data to a remote syslog. All log messages sent to a remote syslog have the same prefix text.
See Standard prefix for Scanner logs sent to remote syslog.
The message audit log messages sent to the remote syslog take the following form:
Standard prefix |
Date and time |
Scanner host name |
Process: |
Message |
---|---|---|---|---|
Date, time, facility, log level, and IP address |
Jan 15 15:42 |
scanner1 |
ecelerity: |
1230876822|0ad9200d-b7b61ae000005b81-00-495db08c9df2|DELIVER|10.217.32.13|[email protected] |
Date in the format month date. Time in the format hour:minute. The time is in 24-hour clock notation. This is the date and time that the log message was recorded on the Scanner. |
Name of the Scanner on which the log message was created. |
Name of the process that generated the log message. |
Log message. |
The following is a log message for one event as it would appear on the remote syslog.
01-15-2009 11:44:53 Local3.Info 10.217.32.13 Jan 15 15:42:42 scanner1 ecelerity: 1230876822|0ad9200d-b7b61ae000005b81-00- 495db08c9df2|DELIVER|10.217.32.13|[email protected]