
How to check system logs for mail problems

bvj197222
Level 1

Hello,

We are switching over from C170 appliances to Email Security Virtual Appliance (C100V), running AsyncOS 12.5.0-059. What CLI commands are the best ones to use to discover if there are any problems with email being rejected etc.? I am aware of the grep command:

 

(Machine xxx.xx.com)> grep

Currently configured logs:
Log Name Log Type Retrieval Interval
---------------------------------------------------------------------------------
1. amp AMP Engine Logs Manual Download None
2. amparchive AMP Archive Manual Download None
3. antispam Anti-Spam Logs Manual Download None
4. antivirus Anti-Virus Logs Manual Download None
5. asarchive Anti-Spam Archive Manual Download None
6. authentication Authentication Logs Manual Download None
7. avarchive Anti-Virus Archive Manual Download None
8. bounces Bounce Logs Manual Download None
9. cli_logs CLI Audit Logs Manual Download None
10. dlp DLP Logs Manual Download None
11. encryption Encryption Logs Manual Download None
12. error_logs IronPort Text Mail Logs Manual Download None
13. euq_logs Spam Quarantine Logs Manual Download None
14. euqgui_logs Spam Quarantine GUI Logs Manual Download None
15. ftpd_logs FTP Server Logs Manual Download None
16. gmarchive Graymail Archive Manual Download None
17. graymail Graymail Engine Logs Manual Download None
18. gui_logs HTTP Logs Manual Download None
19. mail_logs IronPort Text Mail Logs Manual Download None
20. mar Mailbox Auto Remediation Logs Manual Download None
21. repeng Reputation Engine Logs Manual Download None
22. reportd_logs Reporting Logs Manual Download None
23. reportqueryd_logs Reporting Query Logs Manual Download None
24. scanning Scanning Logs Manual Download None
25. sdr_client Sender Domain Reputation Logs Manual Download None
26. smartlicense Smartlicense Logs Manual Download None
27. sntpd_logs NTP logs Manual Download None
28. status Status Logs Manual Download None
29. system_logs System Logs Manual Download None
30. threatfeeds Threat Feeds Logs Manual Download None
31. trackerd_logs Tracking Logs Manual Download None
32. updater_logs Updater Logs Manual Download None
33. upgrade_logs Upgrade Logs Manual Download None
34. web_client URL Filtering Logs Manual Download None

 

If I tail mail_logs (18), would that be the best way of seeing what is going on in real time? Plus, should I tail bounces (8)? I'm also aware of the commands 'workqueue' and 'tophosts'.


Hello,

In addition to the above, I would like to add the below articles that might be useful if you need to troubleshoot issues related to messages rejected for inbound emails:
https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118295-technote-esa-00.html

Cheers,
Pratham