Viewing the Mail Security Event log
|Article:HOWTO82467|||||Created: 2012-11-30|||||Updated: 2014-06-25|||||Article URL http://www.symantec.com/docs/HOWTO82467|
Mail Security reports server events and policy violations (such as threat detections and filtering violations) to the Windows Application event log. You can access the Windows Application Event Log on the computer on which Mail Security is installed. For more information about how to access and use the Windows Application Event Log, see the documentation for your Exchange server.
The Mail Security Event Log lets you view and sort event data that is generated by Mail Security and written to the Windows Application Event Log. You can view the Mail Security Event Log from the console. You can filter event data by categories. You can also select a start date from which to begin displaying event data. When you select an event in the Event Log table, details about the event appear in the preview pane.
The Mail Security Event Log displays the 5000 most recent Mail Security events from the Windows Application Event Log, per server. For example, if your group contains five servers, the event log can display up to 25,000 events.
The Event Log displays the following information:
Manually refresh the page if it is blank or to refresh the page to view the most recent events. In a large group, refreshing the page might take several minutes.
To view the Mail Security Event Log
In the console on the primary navigation bar, click Monitors.
In the sidebar under Views, click Event Log.
Click the column headers to sort the list data by different criteria.
To filter the Mail Security Event Log
Under the Event Log table, in the Number of items per page list, select a number of items that you want to view per page using the drop-down menu.
The default value is 10.
In the List box, select a category on which to filter the event data using the drop-down menu.
In the entries since list, select a start date from which to begin displaying event data using the drop-down menu.
Article URL http://www.symantec.com/docs/HOWTO82467