Log in to ask questions, share your expertise, or stay connected to content you value. Don’t have a login? Learn how to become a member.
can anyone tell me where to find a log (which log) entry for the device log action criteria. Having some problems when triggered logs are forwarded with SMTP. I've looked at /var/log/maillog (not there). Also looked through the gui and dev errorlogs.
The problem is that log acition criteria (SMTP) seems to be working for some subdomains and for some not. They are all configured the same except the dest. email address. Also found in the server that accepts these mails that there is a "name service error". In the NSM the receiving address is configured firstname.lastname@example.org but the receiving says that the mails comes in as email@example.com so the host doesn't match firstname.lastname@example.org.
Also if someone has a idea why it changes the email address would be a big help.
When SMTP is configured for log2action, you will see a messge show up in the /usr/netscreen/DevSvr/var/errorLog/newLogWalker.0. The best and easy way to verify this is to see if the temporary files are getting created. They will be in the /usr/netscreen/DevSvr/var/misc/sp directory. The files will be named .email. The temp email file gets created in this dcirectory and gets removed after it is sent out.
found from the log that the NSM tried to use an old SMTP server IP. The schema update must have done something, cause now I only did a "save" in teh SMTP server options in the NSM gui (the correct IP was in the field) and the there are no more smtp failures in the log.