Where are the logs stored on the Messaging Gateway?

book

Article ID: 177729

calendar_today

Updated On:

Products

Messaging Gateway

Issue/Introduction

You want to know which logs are stored on the Control Center and which are stored on a Scanner.

 

Resolution

Symantec Messaging Gateway logs information about the Control Center, Spam Quarantine, and Scanners.
You specify the level of information that you want logged.
Some Scanner logs can be sent to syslog on a remote server in addition to or instead of being viewed on the Control Center.

NOTE
Scanner log files are maintained on the Scanner.
At a regularly scheduled interval (the default is 5 minutes), Symantec Brightmail Gateway's Control Center accesses Scanner logs.
It copies and stores the Scanner log information in a log database that is stored on the Control Center.
When you generate a log from the Control Center, Symantec Messaging Gateway uses the information in the log database to compile the report.

You must have Full Administration rights or Manage Status and Logs view or modify rights to view logs.


Please refer to the related document:
'How to manage the size of the log database on Symantec Messaging Gateway Control Center'

if you want to:

  • Modify the maximum size of the log database.
  • Purge the files that are in the log database at the frequency and interval that you choose.




Log types

  • Scanner logs
  • Control Center logs:
    • Console
    • Database
    • LDAP
    • Events
    • Quarantine logs
       


Scanner log types

Scanner log type Description
Conduit Records the status about downloading antispam rules and
uploading statistics.
Brightmail Client Records the status about message filtering.
Brightmail Engine Records the status of the Brightmail Engine.
JLU Controller Records the status about Java LiveUpdate virus definition
downloads. This log is the primary log file that you should use for
troubleshooting issues or for monitoring the product.
JLU Client An auxiliary log file to the JLU Controller log file that records the
status about Java LiveUpdate virus definition downloads. Use this log file only when the JLU Controller log file does not contain
enough information for troubleshooting an issue.
MTA Records the status about sending and receiving email.
IM Relay Records the status about instant messaging activities, such as
scanning instant messages for viruses.
Premium Compliance Records the status about Premium Compliance.

Control Center log types—Console

Console log file Description
BrightmailLog.log Records the status about Control Center interactions.
catalina<date>.log and
catalina.out
Records the status from the Tomcat web server. The Control Center runs inside the Tomcat server. These files contain the messages that are generated from the Tomcat Server and also the applications that run within Tomcat.

 


Control Center log types—Database

 

Database log file Description
error.log Records any errors that occur while the Control Center accesses the MySQL database.
slow-queries.log Records the slow MySQL queries.

 


Control Center log types—LDAP

 

LDAP log file Description
access.log.1 Records the status of the LDAP commands that run by the LDAP synchronization and replication service.
command.log.1 Records the internal commands that run by the
LDAP synchronization and replication service.
<directory_type>CNA.trace.log Records the status of the change notification
agent for a directory that relates to LDAP
synchronization and replication.
ensure.log.1 Records the status of the LDAP synchronization
and replication service.
error.log.1 Records the LDAP errors that relate to the LDAP
synchronization and replication service.
init.log Records the operational status of the LDAP
synchronization and replication service.
mapping_upgrade.log Records the status of the LDAP synchronization
and replication service migration utility.
trace.log.1 Records the status of the LDAP synchronization
and replication service.


Control Center log types - events

Event log file Description
Brightmail_Admin_Events.<yyy-mm-dd>.log Records all changes made in the Control Center for the date indicated in the log file name.

Quarantine log types

Quarantine log file Description
Release Records the To address, From address, and Subject of each message that is released from Spam Quarantine.
It also records the user who released each message and a timestamp.

 

 

 


References
This information was taken from the Symantec  Messaging Gateway Administration Guide

 

 

 


This administration guide can be found here:
http://www.symantec.com/business/support/documentation.jsp?language=english&view=manuals&pid=53991

or here:
ftp://ftp.entsupport.symantec.com/pub/support/documentation/sbg_administration_guide.pdf