How to view SecurityGateway's message log
This article explains how to view the various message-logs that SecurityGateway keeps, in case of a communication issue, to determine if a certain message was sent to the SecurityGateway server, or if it was rejected, and for what reason.
From the Dashboard, after logging in, click on Log Filesin the bottom-left corner. You will then have the following options in the main part of the window, and along the left:
View message log [All Messages]
This will display a list of all messages processed by SecurityGateway, listed by the date received, the sender and recipient address, subject of the message, the final result, why it was rejected (if applicable) and its final score. From this list, you may click on the following buttons along the top:
Refresh, which will reload the page and show you any new messages that were processed since the last time the list was checked.
Search, which will allow you to search for a specific group of messages based on the categories above: date received, sender and recipient address, and so on.
Details, which will bring up a window displaying the SMTP command transcript of the message from start to finish, along with the body of the message and its header. These are located under the Transcript, Message, and Source tabs in the popup window respectively.
Spam, which will add a copy of the message to SecurityGateway's Bayesian-learning spam folder.
Not Spam, which will add a copy of the message to SecurityGateway's Bayesian-learning non-spam folder.
View a list of all log files [All Log Files]
This will display a list of all log files that SecurityGateway records. Highlight the one you wish to review, and click on either View along the top to view it in SecurityGateway, or click on Download to save a copy of it to your local computer.
You may also view a specific log by choosing it from the list in the middle of the window, or along the left. Clicking on Refresh along the top will reload the log from the SecurityGateway server and show any new information from when you last loaded it, and clicking on Download will allow you to save a copy to your local computer.
Clicking on Configure Logging, or any of the options in the main window under Configuration, will present the following options:
This sets how much information SecurityGateway records in its log files, with debug logging recording almost everything, but potentially lowering performance and increasing log file size, to no logging at all. By default, this is set to Informational, which records standard information for both successful transactions as well as failures.
This sets what method SecurityGateway uses to store its log files: either keeping them in the same file for each process, split them up into separate files based on a single day, or separate files based on the day of the week. By default, this is set to 'Create a standard set of log files.'
This has a number of options regarding miscellaneous logging features. They are as follows:
Maximum log file size
This is how large log files can become, in kilobytes, before they are renamed with the .OLD extension and a new log file started for that process. Note that excessively large log files can be difficult to review, and can cause problems. By default, this is set to 0 for no limitation.
Maximum number of log roll-over files
This is how many times SecurityGateway will create a new separate .OLD file, if it becomes too large multiple times. Rolled-over logs will have the extension .OLD(1), .OLD(2), and so on. By default, this is set to 10 roll-overs.
Overwrite existing log files when log file names change at midnight
Enabling this will cause SecurityGateway to delete and recreate a log file every night at midnight when it starts a new logfile, as opposed to simply adding to the old one. Use caution when enabling this, as it can lead to deleting logging history that may be important to diagnosing an issue. By default, this is disabled.
Automatically ZIP and archive log files older than xx days
SecurityGateway will automatically compress into a ZIP archive all log files older than the specified number of days, and move them into the \Logs\OldLogs directory. By default, this is set to 14 days, and can be set to 0 to disable this option completely.
Domain administrators can only view the message-log for messages bound for, or sent from, their own domain or domains, while global administrators can access any of the above options.
Message transcript information available through the message-log will only be available as determined by the Data Retention settings, accessed by clicking on Setup / Users in the lower-left corner, then Data Retention along the left.
KBA-01923 How to view a list of all messages stored in the SecurityGateway database
KBA-01878 How to setup how long messages are kept before being deleted in SecurityGateway