ProSecure Web/Email Security Threat Management (STM) Appliance Reference Manual
6-22 Monitoring System Access and Performance
v1.0, September 2009
Querying Logs and Generating Reports
The extensive logging and reporting functions of the STM let you perform the following tasks that
help you to monitor the protection of the network and the performance of the STM:
• Querying and downloading logs
• Generating and downloading e-mail, Web, and system reports
• Scheduling automatic e-mail, Web, and system reports, and e-mailing these reports to
specified recipients.
For information about e-mailing logs and sending logs to a syslog server, see “Configuring and
Activating System, E-mail, and Syslog Logs” on page 6-3.
Querying the Logs
The STM generates logs that provide detailed information about malware threats and traffic
activities on the network. You can search and view these logs through the Web Management
Interface or save the log records in CSV or HTML format and download them to a computer (the
downloading option is not available for all logs). You can also specify how many entries are
displayed per page (the default setting is 15 entries).
The STM provides eight types of logs:
• Traffic. All scanned incoming and outgoing traffic.
• Virus. All intercepted viruses.
• Spyware. All intercepted spyware.
• Spam. All intercepted spam, including spam that was detected through the blacklist, real-time
blacklist, and Distributed Spam Analysis.
• Email filters. All e-mails that are intercepted because of keyword, file type, file name,
password, or size limit violations.
• Content filters. All Web sites, URLs, and FTP sites that are intercepted because of Web
category, blacklist, file type, or size limit violations.
• System. The system event logs that include all system errors, informational messages,
configuration changes, and system software updates.
• Application. All intercepted application access violations.