ESA域調試日誌配置示例

下載選項

  • PDF     (332.1 KB)
    在多種裝置上使用 Adobe Reader 檢視
  • ePub     (80.7 KB)
    在 iPhone、iPad、Android、Sony Reader 或 Windows Phone 上的各種應用程式中檢視
  • Mobi (Kindle)     (64.2 KB)
    在 Kindle 裝置或多部裝置的 Kindle 應用程式上檢視
已更新: 2014 年 6 月 25 日
文件 ID:117848

無偏見用語

本產品的文件集力求使用無偏見用語。針對本文件集的目的,無偏見係定義為未根據年齡、身心障礙、性別、種族身分、民族身分、性別傾向、社會經濟地位及交織性表示歧視的用語。由於本產品軟體使用者介面中硬式編碼的語言、根據 RFP 文件使用的語言,或引用第三方產品的語言,因此本文件中可能會出現例外狀況。深入瞭解思科如何使用包容性用語。

關於此翻譯

思科已使用電腦和人工技術翻譯本文件,讓全世界的使用者能夠以自己的語言理解支援內容。請注意,即使是最佳機器翻譯,也不如專業譯者翻譯的內容準確。Cisco Systems, Inc. 對這些翻譯的準確度概不負責,並建議一律查看原始英文文件(提供連結)。

簡介

本文檔介紹如何在思科郵件安全裝置(ESA)上配置域調試日誌。

必要條件

需求

思科建議您瞭解以下主題:

  • Cisco ESA
  • AsyncOS

採用元件

本文檔中的資訊基於所有AsyncOS版本。

本文中的資訊是根據特定實驗室環境內的裝置所建立。文中使用到的所有裝置皆從已清除(預設)的組態來啟動。如果您的網路正在作用,請確保您已瞭解任何指令可能造成的影響。

背景資訊

域調試日誌是一個系統日誌,旨在記錄特定域和ESA之間有限數量的會話的所有簡單郵件傳輸協定(SMTP)流量。

此日誌型別有助於嘗試對與特定收件人域或主機相關問題進行故障排除。記錄每個會話,直到達到定義的會話數,然後停止資料收集。要在記錄所有會話之前結束域調試日誌資料收集,您可以刪除或編輯日誌訂閱。

設定

為了建立和配置域調試日誌,請將logconfig命令輸入ESA CLI。

注意:如果要使用ESA GUI配置域調試日誌,請參閱高級使用手冊日誌訂閱部分。

以下是使用ESA CLI建立域調試日誌的示例:

example.com> logconfig

Currently configured logs:
1. "antispam" Type: "Anti-Spam Logs" Retrieval: FTP Poll
2. "antivirus" Type: "Anti-Virus Logs" Retrieval: FTP Poll
3. "asarchive" Type: "Anti-Spam Archive" Retrieval: FTP Poll
4. "avarchive" Type: "Anti-Virus Archive" Retrieval: FTP Poll
5. "bounces" Type: "Bounce Logs" Retrieval: FTP Poll
6. "cli_logs" Type: "CLI Audit Logs" Retrieval: FTP Poll
7. "error_logs" Type: "IronPort Text Mail Logs" Retrieval: FTP Poll
8. "euq_logs" Type: "IronPort Spam Quarantine Logs" Retrieval: FTP Poll
9. "euqgui_logs" Type: "IronPort Spam Quarantine GUI Logs" Retrieval: FTP Poll
10. "ftpd_logs" Type: "FTP Server Logs" Retrieval: FTP Poll
11. "gui_logs" Type: "HTTP Logs" Retrieval: FTP Poll
12. "mail_logs" Type: "IronPort Text Mail Logs" Retrieval: FTP Poll
13. "reportd_logs" Type: "Reporting Logs" Retrieval: FTP Poll
14. "reportqueryd_logs" Type: "Reporting Query Logs" Retrieval: FTP Poll
15. "scanning" Type: "Scanning Logs" Retrieval: FTP Poll
16. "sntpd_logs" Type: "NTP logs" Retrieval: FTP Poll
17. "status" Type: "Status Logs" Retrieval: FTP Poll
18. "system_logs" Type: "System Logs" Retrieval: FTP Poll
19. "updater_logs" Type: "Updater Logs" Retrieval: FTP Poll

Choose the operation you want to perform:
- NEW - Create a new log.
- EDIT - Modify a log subscription.
- DELETE - Remove a log subscription.
- SETUP - General settings.
- LOGHEADERS - Configure headers to log.
- HOSTKEYCONFIG - Configure SSH host keys.
[]> new

Choose the log file type for this subscription:
1. IronPort Text Mail Logs
2. qmail Format Mail Logs
3. Delivery Logs
4. Bounce Logs
5. Status Logs
6. Domain Debug Logs
7. Injection Debug Logs
8. System Logs
9. CLI Audit Logs
10. FTP Server Logs
11. HTTP Logs
12. NTP logs
13. LDAP Debug Logs
14. Anti-Virus Logs
15. Anti-Virus Archive
16. Scanning Logs
17. IronPort Spam Quarantine Logs
18. IronPort Spam Quarantine GUI Logs
19. Reporting Logs
20. Reporting Query Logs
21. Updater Logs
[1]> 6

Please enter the name for the log:
[]> debug_example

Enter the name of the domain for which you want to record debug information.
[]> example.com

Please enter the number of SMTP sessions you want to record for this domain.
[1]> 8

Choose the method to retrieve the logs.
1. FTP Poll
2. FTP Push
3. SCP Push
4. Syslog Push
[1]>

Filename to use for log files:
[example.com.text]> example.com.text

Please enter the maximum file size:
[10485760]>

Please enter the maximum number of files:
[10]>

Currently configured logs:
1. "antispam" Type: "Anti-Spam Logs" Retrieval: FTP Poll
2. "antivirus" Type: "Anti-Virus Logs" Retrieval: FTP Poll
3. "asarchive" Type: "Anti-Spam Archive" Retrieval: FTP Poll
4. "avarchive" Type: "Anti-Virus Archive" Retrieval: FTP Poll
5. "bounces" Type: "Bounce Logs" Retrieval: FTP Poll
6. "cli_logs" Type: "CLI Audit Logs" Retrieval: FTP Poll
7. "debug_example" Type: "Domain Debug Logs" Retrieval: FTP Poll
8. "error_logs" Type: "IronPort Text Mail Logs" Retrieval: FTP Poll
9. "euq_logs" Type: "IronPort Spam Quarantine Logs" Retrieval: FTP Poll
10. "euqgui_logs" Type: "IronPort Spam Quarantine GUI Logs" Retrieval: FTP Poll
11. "ftpd_logs" Type: "FTP Server Logs" Retrieval: FTP Poll
12. "gui_logs" Type: "HTTP Logs" Retrieval: FTP Poll
13. "mail_logs" Type: "IronPort Text Mail Logs" Retrieval: FTP Poll
14. "reportd_logs" Type: "Reporting Logs" Retrieval: FTP Poll
15. "reportqueryd_logs" Type: "Reporting Query Logs" Retrieval: FTP Poll
16. "scanning" Type: "Scanning Logs" Retrieval: FTP Poll
17. "sntpd_logs" Type: "NTP logs" Retrieval: FTP Poll
18. "status" Type: "Status Logs" Retrieval: FTP Poll
19. "system_logs" Type: "System Logs" Retrieval: FTP Poll
20. "updater_logs" Type: "Updater Logs" Retrieval: FTP Poll

Choose the operation you want to perform:
- NEW - Create a new log.
- EDIT - Modify a log subscription.
- DELETE - Remove a log subscription.
- SETUP - General settings.
- LOGHEADERS - Configure headers to log.
- HOSTKEYCONFIG - Configure SSH host keys.
[]>

example.com> commit

驗證

以下是ESA向收件人域example.com傳送消息時的域調試日誌示例: 

Tue Mar 22 16:52:07 2005 Info: 411 Rcvd: '220 ESmtp mail.example.com
 ESMTP service ready'
Tue Mar 22 16:52:07 2005 Info: 411 Sent: 'EHLO example.com'
Tue Mar 22 16:52:07 2005 Info: 411 Rcvd: '250-mail.example.com'
Tue Mar 22 16:52:07 2005 Info: 411 Rcvd: '250-8BITMIME'
Tue Mar 22 16:52:07 2005 Info: 411 Rcvd: '250-SIZE 31981568'
Tue Mar 22 16:52:07 2005 Info: 411 Rcvd: '250 PIPELINING'
Tue Mar 22 16:52:07 2005 Info: 411 Sent: 'MAIL FROM:<user@example.com>'
Tue Mar 22 16:52:07 2005 Info: 411 Rcvd: '250 sender <user@example.com> ok'
Tue Mar 22 16:52:07 2005 Info: 411 Sent: 'RCPT TO:<test@example.com>'
Tue Mar 22 16:52:07 2005 Info: 411 Rcvd: '250 recipient <test@example.com> ok'
Tue Mar 22 16:52:07 2005 Info: 411 Sent: 'DATA'
Tue Mar 22 16:52:07 2005 Info: 411 Rcvd: '354 go ahead'
Tue Mar 22 16:52:07 2005 Info: 411 Sent: 'Received: from unknown (HELO)
 (10.250.7.164)rn by example.com with SMTP; 22 Mar 2005 16:52:08 -0800rn'
Tue Mar 22 16:52:07 2005 Info: 411 Sent: 'Message-ID:
 <000d01c52f43$48dacba0$a407fa0a@example.com>rnFrom: "User" <user@example.com>
 rnTo:<test@example.com>rn Subject:TestrnDate:Tue,22Mar200516:57:28-0800rnMIME-
 Version:1.0rn
Content-Type:multipart/alternative;rntboundary="----=
 _NextPart_000_000A_01C52F00.3AA3B580"rnX-Priority: 3rnX-MSMail-Priority:
 Normalrn X-Mailer: Microsoft Outlook Express 6.00.2900.2180rnX-MimeOLE:
 Produced ByMicrosoft MimeOLEV6.00.2900.2180rnrnThis is a multi-part
 messageinMIMEformat.rnrn------=_NextPart_000_000A_01C52F00.3AA3B580rn
 Content-Type:text/plain;rntcharset= "iso-8859-1"rnContent-Transfer-Encoding:
 quoted-printablernrnThis isthebodyofthemail.rnThisisadisclaimer.rnrn------=
 _NextPart_000_000A_01C52F00.3AA3B580rnContent-Type:text/html;rntcharset=
 "iso-8859-1"rnContent-Transfer-Encoding:quoted-printablernrn<!DOCTYPEHTMLPUBLIC
 "-//W3C//DTDHTML4.0Transitional//EN">rn<HTML><HEAD>rn<METAhttp-equiv=
 3DContent-Typecontent= 3D"text/html;charset= 3Diso-8859-1">rn<METAcontent=
 3D"MSHTML6.00.2900.2523"name= 3DGENERATOR>rn<STYLE></STYLE>rn</HEAD>rn
 <BODYbgColor= 3D#ffffff>rn<DIV><FONTface= 3DArialsize= 3D2>This is the body
 of thernmail.</FONT></DIV><pre> This is a disclaimer.rn </pre></BODY></HTML>
 rnrn------=_NextPart_000_000A_01C52F00.3AA3B580--rn'
Tue Mar 22 16:52:07 2005 Info: 411 Sent: '.rn'
Tue Mar 22 16:52:07 2005 Info: 411 Rcvd: '250 ok dirdel'
Tue Mar 22 16:52:12 2005 Info: 411 Sent: 'QUIT'
Tue Mar 22 16:52:12 2005 Info: 411 Rcvd: '221 mail.example.com'

疑難排解

目前尚無適用於此組態的具體疑難排解資訊。 

相關資訊

修訂記錄

修訂 發佈日期 意見
1.0
25-Jun-2014
初始版本
TAC Authored

由思科工程師貢獻

  • Harry Davis and Robert Sherwin
    Cisco TAC Engineers.

這份文件是否有所幫助?

Feedback意見

讓思科協助您

本文件適用於這些產品