Screencasts - Hilfsvideos

How to excluded logs after collect (Used this Cisco IronPort Web Security)

Created: 04 Jan. 2013 • Aktualisiert: 10 Jan. 2013 | 5 Kommentare
Dieses Problem wurde gelöst. Siehe Lösung.

Hi people,

I configured the collector Cisco IronPort Web Security for excluded archives after collected.

This option delete after processing, but is not function.



Kommentare KommentareZum neuesten Kommentar

das Bild der Laurent_cs

If I understood correctly what you want to do:

in your archive rules, you need to add a filter to exclude the Event. (a reverse filter if you don;t want them written to archive.) Something like :

"Product not equal to Cisco IronPort Web Security"

das Bild der Ronaldo.Santoss

After colect logs this not excluded automatic.

The screenshot this actually configuration.

das Bild der SK Oois

I think you  got to wait until the system has rolled over to a new log file before the OLD one is deleted. It will not remove entries from the existing log files, if I guess that is what you are after.


das Bild der Ronaldo.Santoss

I was waiting for the logs but not extinguished alone, I made a script to delete all night the day before.

I never used this option exclusion.

When the log file reaches 100 mb is created a new

Does it have size limit for the log file?

Do you think it would be interesting to let smaller?


das Bild der Ronaldo.Santoss

Hi people,

I find solution this problem the service agent is used with account the service.