Secure Mobile Access 12.4 Administration Guide

Viewing Logs

There are several log files generated by the SMA appliance, and AMC enables you to sort, search, and filter them.

To view logs

  1. In the AMC, navigate to Monitoring > Logging.

    The View Logs page displays.

  2. Select the system or service log file you want to view from the Log file drop-down menu. The columns of information displayed are different for each type of log file, as described in the below table.

    Log file descriptions
    Log fileDescription
    System message log

    Displays server processing and diagnostic information about the network tunnel service and the Web proxy service. It also provides detailed messages about all access control decisions: each time a user request matches a policy rule, a log file entry is recorded explaining the action taken.

    For details, see System Message Log.

    Management message log

    Displays entries regarding the operation of AMC, including when the console was started and stopped, and what errors occurred during administration of the appliance.

    For details, see Management Message Log.

    Management audit log

    Displays an audit history of configuration changes made in AMC by administrators, showing when changes were made and by which administrator.

    For details, see Management Audit Log.

    Network proxy/tunnel audit log

    Web proxy audit log

    There are two access service audit logs: one for the Web proxy service (called ExtraWeb in the log files), and one that combines messages from both the network proxy and network tunnel services (called Anywhere VPN in the log files). These two logs provide detailed information about connection activity, including a list of users and the amount of data transferred.

    For details, see Network Tunnel Audit Log and Web Proxy Audit Log.

    Client installation logs

    If something goes wrong during client or agent installation on a computer running Windows, the error is recorded in a client installation log. These logs are automatically uploaded to the appliance and listed in AMC if the user has Secure Endpoint Manager installed.

    For details, see Client Installation Logs (Windows).

    Unregistered device logDisplays a list of login attempts from users on devices that are not registered. You can export the list to an XML format that can be used to register these devices.
  3. Use the Show last drop-down menu to select the number of log messages you want to display. You can choose 50 (default), 100, 250, 500, or 1000 messages.
  4. Click the Refresh button to update the page to show the most recent log messages, or to view the results of any filtering selections you’ve made.

    By default, the log viewer’s Auto-refresh option is set to 1 min. You can optionally set the refresh time to 30 sec., 5 min., 10 min., 15 min., or turn it Off during your AMC session.

  5. Use the optional Search for and Level, Source, and Status sorting options to find log messages that meet specific criteria. See Sorting, Searching, and Filtering Log Messages.
  6. A plus sign (+) is displayed in the first column when a log entry is more than a few lines long: click it to expand the entry.

When Auto-refresh is set to any time interval other than Off and the View Logs page is displayed, the refresh activity prevents the AMC session from automatically timing out after the default inactivity period (15 minutes). This means that if you leave AMC unattended while the View Logs page is displayed and in auto-refresh mode, AMC will not time out. A good security practice is to always switch to another page in AMC when you are done viewing log messages. See Appliance Sessions for more information.

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.