Symantec 10490452 Administration Guide - Page 184
Message tracking, Enable message tracking, Searching for a message
UPC - 037648265683
View all Symantec 10490452 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 184 highlights
184 Administering the system Getting status information Message tracking Symantec Mail Security for SMTP provides a message tracking component allowing you to search for messages and find out what has happened to them. When enabled, message tracking provides administrators of Symantec Mail Security for SMTP with a trail of detailed information about every message that has been accepted and processed by the software. Auditing information is used to track what decisions were made within a single scanner framework. Message tracking and its associated logs is not intended to replace debug or information level logging. Where message tracking is distinctly different from standard scanner logging is that logged information is specifically associated with a message. To use message tracking, employ the information and procedures described in the following sections. Enable message tracking By default, message tracking is disabled. You must enable this feature before any tracking information is available for viewing or searching. It is important to realize that logs for message tracking can become large, and searching the logs can create high demand for Scanner processing time. To enable message tracking 1 In the Control Center, click Settings > Logs. 2 Select the host on which to enable message tracking. 3 Under Message Tracking Logs, check Enable message logs. 4 Click Save. Searching for a message A query facility is provided to search the message tracking log to determine if one or more messages meet the criteria for the message you want to find. The Message Tracking logs page enables you to specify either one or two criteria and related supplementary information as follows: ■ Host-One or more Scanners running Symantec Mail Security for SMTP. In order to find all details about a message, search on all attached Scanners. ■ Time range-Period of time for the search to query the audit log. While it is possible to search for longer periods, it is recommended that message searches not exceed one week. ■ Mandatory filter-Required search criteria that can be any one of the following: ■ Sender-Name of the message sender