Working with Logs

Article:HOWTO59359  |  Created: 2011-10-04  |  Updated: 2011-10-04  |  Article URL http://www.symantec.com/docs/HOWTO59359
Article Type
How To


Subject


Working with Logs

Each Scanner maintains a database of log information. You can view these logs on the Control Center. This information lets you diagnose error conditions and keep track of many aspects of your system during its operation.

You can store the log data for the following Symantec Message Filter components:

  • Server

  • Client

  • Conduit

  • Harvester

  • AntiVirus Cleaner

  • LiveUpdate

You can designate the severity of errors that you want written to the log files. Symantec Message Filter provides several logging levels, with each successive level including all errors from the previous levels. The default logging level for each Symantec Message Filter software component is Warnings.

You can choose from the following log levels:

  • Errors

  • Warnings

  • Notices

  • Information

  • Debug

Symantec Message Filter provides a message auditing component that lets you save the message audit logs to bmserver logs or system logs. The Message audit log provides you with a trail of detailed information about every message that the Scanner has processed. Auditing information is used to track what decisions were made within a single Scanner framework. The Message audit log does not replace debug or information level logging. Unlike standard Scanner logging, the Message audit log provides information specifically associated with a message.

Bmserver logs are saved in bmserver_log.txt file at the following locations:

Windows scanner

Scanner\Logs\bmserver_log.txt

UNIX scanner

/var/log/brightmail/bmserver_log

The configuration of the facilities lets you direct messages to various local files. The specified facility does all the logging when you use the Syslog. The default facility is mail. You can configure Syslog for the following facilities: kern, mail, user, daemon, auth, lpr, news, uucp, cron, local0, local1, local2, local2, local3, local4, local5, local6, local7.

See Configuring the syslog.conf file for Syslog facilities settings.

To limit the size of the database that stores log data, Symantec Message Filter stores seven days of log data with a maximum storage allotment of 512 MB. If the database already has 512 MB of data or seven days of data, the oldest log data is deleted. To keep more log data for a longer period, you can change the default maximum log size and retention period settings.

See Modifying Log settings


Legacy ID



id-SF9E0613656_v64406064


Article URL http://www.symantec.com/docs/HOWTO59359


Terms of use for this information are found in Legal Notices