Logs

Logs information from the service responsible for adding reporting data to the report database, and generating scheduled reports.

Logs details of backups.

Logs details of revoked certificates, certificates with warnings, and the results of certificate validation checks.

Logs the use of secure shell (sshd) to log in to the Clearswift Gateway Console, and the user of the su command from the Console.

Logs details of decryption.

Logs details of encryption.

Logs when FIPS mode is enabled.

Log output from syslog-ng.

Logs information about hardware events, such as disk-failures and temperature warnings.

Logs information about statistics displayed by the System Health page.

Logs information from the service responsible for message area management, batch processing, managed downloads, and message tracking.

Logs information from the services responsible for Bulk Email Detection, Junk Email and Malware Detection.

Logs Kaspersky updates

When exported to a syslog server, the time stamp of this log represents the time of export, rather than the time the log was generated.

Logs Linux kernel information.

Logs information from the service responsible for updating LDAP Synchronized Address Lists.

Logs Mail Alert Transport information.

Logs when synchronization of the data in the manager relationships file occurs.

Logs details of message transactions between the Gateway and a connected Information Governance server (IGS) or Critical Information Protection server (CIPS).

Logs details of messages processed by the Gateway. The Message Transaction log displays the date and time of the event, the message ID, message event type and outcome, attachment names and sender and recipient information. Message Transaction logs are recorded once per hour, with a delay of approximately 10 minutes.

Logs details of peer communications.

Logs the following PMM operations:

• ARL: message automatically released because the sender was trusted
• NFY: message digest sent to a user
• DLT: message deleted by a user
• LNK: request to send a user a link to their trusted sender management page (PMM Lite mode only)
• RFP: false-positive reports when a message is released as Not Junk Mail
• RLS: message released by a user
• Queries made to Active Directory as a result of users logging in to the PMM portal

Logs information from the service that generates PMM message digests and actions users' PMM deliver and delete requests.

Logs user operations information from the PMM Mobile.

Logs warnings for any discrepancies in the certificate used by the server.

Logs information from the web server that responds to users' PMM Deliver and Delete requests.

Logs information from the Clearswift Gateway Policy Engine.

Logs all alerts generated by the Clearswift Gateway Policy Engine, including those generated as a result of "Generate an Alert" actions in content rules.

Logs the starting and stopping of the system services during:

• System startup
• System shutdown
• Installation of a software upgrade

When exported to a syslog server, the time stamp of this log represents the time of export, rather than the time the log was generated.

Logs the status history of supported services, including managed lists, anti-virus updates and reputation uploads.

Logs information from the inbound and outbound Postfix.

AUTH: Successful SMTP authentication is indicated with details.

The Gateway checks for new software downloads at regular intervals. If new downloads are available, the Gateway downloads and validates them to ensure they are fit for live deployment. This log shows the messages output by the download.

The Gateway checks for new software updates at regular intervals. When software updates have been downloaded, you can manually begin the update process. This log displays the output of the update process after updates have been selected and run.

Displays detected threats including the EICAR test, which is used by Sophos to validate updates to the anti-virus definitions.

When exported to a syslog server, the time stamp of this log represents the time of export, rather than the time the log was generated.

The Gateway checks for new anti-virus definitions at frequent intervals. If new updates are available from Sophos, it downloads them and validates them to ensure they are fit for live deployment. This log shows the messages output by the download and validation scripts.

When exported to a syslog server, the time stamp of this log represents the time of export, rather than the time the log was generated.

Logs information about the SQL database.

Logs all system errors collectively.

Logs output from general housekeeping (e.g. database optimization) and configuration deployment tasks

Logs data written to /var/log/cs-gateway/daemon.log, in particular from the Network Time Protocol service.

Logs information about the Transaction Log Export Log.

Logs information from the service responsible for automatic software upgrades.

Logs information from the Clearswift Gateway web server that handles user interface requests.

Logs user session navigation information.

Logs recovery actions taken by the Clearswift Gateway watchdog, which is responsible for housekeeping duties and for ensuring that Services are running.