Viewing Logs

There are several log files generated by the SMA appliance, and AMC enables you to sort, search, and filter them.

To view logs

1. In the AMC, navigate to Monitoring > Logging.

   The View Logs page displays.

   

2. Select the system or service log file you want to view from the Log file drop-down menu. The columns of information displayed are different for each type of log file, as described in the below table.

   Log file descriptions

   Log file	Description
   System message log	Displays server processing and diagnostic information about the network tunnel service and the Web proxy service. It also provides detailed messages about all access control decisions: each time a user request matches a policy rule, a log file entry is recorded explaining the action taken. For details, see System Message Log.
   Management message log	Displays entries regarding the operation of AMC, including when the console was started and stopped, and what errors occurred during administration of the appliance. For details, see Management Message Log.
   Management audit log	Displays an audit history of configuration changes made in AMC by administrators, showing when changes were made and by which administrator. For details, see Management Audit Log.
   Network proxy/tunnel audit log Web proxy audit log	There are two access service audit logs: one for the Web proxy service (called Workplace in the log files), and one that combines messages from both the network proxy and network tunnel services (called Anywhere VPN in the log files). These two logs provide detailed information about connection activity, including a list of users and the amount of data transferred. For details, see Network Tunnel Audit Log and Web Proxy Audit Log.
   Client installation logs	If something goes wrong during client or agent installation on a computer running Windows, the error is recorded in a client installation log. These logs are automatically uploaded to the appliance and listed in AMC if the user has Secure Endpoint Manager installed. For details, see Client Installation Logs (Windows).
   Unregistered device log	Displays a list of login attempts from users on devices that are not registered. You can export the list to an XML format that can be used to register these devices.

3. Use the Show last drop-down menu to select the number of log messages you want to display. You can choose 50 (default), 100, 250, 500, or 1000 messages.

4. Click the Refresh button to update the page to show the most recent log messages, or to view the results of any filtering selections you’ve made.

   By default, the log viewer’s Auto-refresh option is set to 1 min. You can optionally set the refresh time to 30 sec., 5 min., 10 min., 15 min., or turn it Off during your AMC session.

5. Use the optional Search for and Level, Source, and Status sorting options to find log messages that meet specific criteria. See Sorting, Searching, and Filtering Log Messages.

6. Click (>) in the first column when a log entry is more than a few lines long: click it to expand the entry.