Please read and review the entire Release Notes for AsyncOS 13.7 for Cisco Email
Security Appliances (GD).
You can now retrieve the following log details from your email gateway using AsyncOS APIs:
- Log subscription details.
- All log files for a specific log subscription.
- Log files using a filename or a URL.
For more information, see the “Logging APIs” section in the AsyncOS 13.7 API for Cisco Email Security Appliances - Getting Started Guide
The Cisco Email Security gateway supports a new type of log subscription – ‘Audit Logs’ that records AAA (Authentication, Authorization, and Accounting) events.
Some of the audit log details are as follows:
• User - Logon
• User - Logon failed incorrect password
• User - Logon failed unknown user name
• User - Logon failed account expired
• User - Logoff
• User - Lockout
• User - Activated
• User - Password change
• User - Password reset
• User - Security settings/profile change
• User - Created
• User - Deleted or modified
• User Configuration - Configuration changes made by the user.
• Group/Role - Deletion or modified
• Group /Role - Permissions change
• Quarantine - Actions performed on messages in the quarantine.
For more information, see the “Logging” chapter in the user guide or online help.
The Cisco Email Security gateway supports integration with applications or clients that use Identity Providers (IDPs) with OpenID Connect 1.0 authentication to connect seamlessly with AsyncOS APIs available in your email gateway. Currently, your email gateway has been certified with OpenID Connect using Microsoft AD FS only.
For more information, see the “System Administration” chapter in the user guide or online help and the CLI Reference Guide for AsyncOS for Cisco Email Security Appliances.
A new access privilege option - Log Subscription is added in the System Administration > User Role page in the web interface of your appliance. Use the Log Subscription option to define whether delegated administrators assigned to the custom user role can access log subscriptions or Logging APIs to view or download log files.
For more information, see the “Distributing Administrative Tasks” chapter in the user guide or online help.
The appliance now supports a new type of log subscription - Cloud Connector Logs. Use this log subscription to view information about Web Interaction Tracking data from Cisco Aggregator Server. Most of the information is present at the Info or Warning Level.
Updated 8 months ago