Quick Reference Guide

Chapter 6. Monitoring System Access and Performance | 175

6. Monitoring System Access and

Performance

This chapter describes the system monitoring features of the STM. You can be alerted to

important events such as attacks and login failures. You can also view the system status and

real-time traffic and security information. In addition, the diagnostics utilities are described.

Note: All email notification functions that are part of the Logs, Reports,

and Alerts menus, and some of the functions that are part of the

Diagnostics configuration menu require that you configure the email

notification server—see Configuring the Email Notification Server on

page 176.

This chapter contains the following sections:

• Configuring Logging, Alerts, and Event Notifications on this page

• Monitoring Real-Time Traffic, Security, Statistics, and Web Usage on page 184

• Viewing System Status on page 192

• Querying Logs on page 194

• Viewing, Scheduling, and Generating Reports on page 200

• Viewing and Managing the Quarantine Files on page 208

• Using Diagnostics Utilities on page 215

Configuring Logging, Alerts, and Event Notifications

You can configure the STM to email logs and alerts to a specified email address. For

example, the STM can email security-related events such as malware incidents, infected

clients, and failed authentications. By default, the STM logs content filtering events such as

attempts to access blocked sites and URLs, unwanted email content, spam attempts, and

many other types of events.

For you to receive the logs in an email message, the STM’s notification server needs to be

configured and email notification needs to be enabled. If the notification server is not

configured or email notification is disabled, you can still query the logs and generate log

reports to view on the Web Management Interface or to save in CSV format.