Logging enables you to record web filtering and other processes on an appliance. Reviewing the log files that contain the recordings allows you to find reasons for failures and solve problems.
The following elements are involved in logging:
- Log files that entries recording web filtering and other processes are written into
- System functions that write entries into log files
- Modules that write entries into log files
- Logging rules that write entries into log files
- Log file management modules that rotate, delete, and push log files
Log files contain entries on web filtering and other processes. Log files with the same kind of content are stored in folders, which are called logs. You can view all logs and log files on the user interface of an appliance.
Depending on their content, log files are maintained by functions of the appliance system, modules, or logging rules. Accordingly, you can perform some or all kinds of activities for these log files, such as viewing, editing, rotating, and others.
Logging by system functions
For some content, log file entries are written by functions of the appliance system. You can view these files on the user interface, but not edit or delete them. The files are also rotated in regular intervals by system functions.
Logging by modules
For some content, log file entries are written by particular modules, such as the proxy module or the Anti-Malware module.
You can view these files on the user interface, but not edit or delete them. Rotation and deletion of these files and pushing them to another location is handled by the Log File Manager, which you can configure settings for.
Logging by rules
A logging rule uses events to create a log file entry and write it into a log file if its criteria matches.
Like other rules, logging rules are contained in rule sets. Logging rule sets are nested in top-level rule sets, which are known as Log Handlers. A default Log Handler rule set is available after the initial setup of an appliance. This rule set includes the following nested rule sets by default.
- Access Log — Contains a rule that writes entries about access to a Web Gateway appliance into the log
- Access Denied Log — Contains a rule that writes entries about attempts to access a Web Gateway appliance that were denied into the log
- Found Viruses Log — Contains a rule that writes entries about viruses that were found when requests were processed on a Web Gateway appliance into the log
To these default rule sets, you can add rule sets that you import from the rule set library, for example, the Proxy Error Log rule set. These rule sets are located in the Logging rule set group of the library.
Logging rules are processed in a separate logging cycle after the request, response, and embedded object cycles have been completed for a request that is received on an appliance.
Rotation and deletion of these files and pushing them to another location is handled by the File System Logging module, which you can configure settings for.
Log file management modules
There are two modules for performing management activities on log files, including rotation, deletion, and pushing to other locations.
These modules are the Log File Manager for log files that are maintained by modules and the File System Logging module (also known as engine) for log files maintained by logging rules.
You can configure settings for these modules to adapt the rotation, deletion, and pushing of log files to the requirements of your network.