log web appliance

Good morning to all

one question, is possible on virtual web appliance,  access the Proxy log and extract it? erase it? or erase only some of them about some users?

thanks

Regards

Franco

  • Hi Franco,

     

    francoBigai

    Good morning to all

    one question, is possible on virtual web appliance,  access the Proxy log and extract it? erase it? or erase only some of them about some users?

     

    sounds like your referring to a web appliance and not the email appliance. 

    to access the raw proxy logs you must enable syslog server and export the logs to a 3rd party server

    you can not erase the logs on the appliance its self.

    if you are missing logs for specific user..

    go into the policy tester, 

    enter domain\username

    and a test site..

    this will tell you the user group the user belongs to.

    under the additional policy policy tab.

    check the setting "additional options"  there is a check box that says "do not log traffic for this policy"  

    chances are this is checked off and the expected traffic is not been logged.

     

    the other thing that may cause this is if the traffic is not actually going to the appliance.    this could be caused by things like:

    exclusions on the redirection methods,  ip based policy, authentication, or similar.