ACSIA Help Center

How to add Zimbra logs among the logs monitored by ACSIA SOS

Rossella Petrucci
Rossella Petrucci
  • Updated

This feature is available from version 7.2.0

  1. Login on ACSIA SOS

  2. Click on Devices in the side menu



  3. Identify the machine where Zimbra is installed and click on the Edit button (pencil icon)



  4. Select the Custom Logs tab and click on “+ Custom Log” button



  5. Add the following custom logs:

    1. File path: /opt/zimbra/log/audit.log
      Category: syslog
      Log format: syslog
      Make sure that the switch is Enabled and click Save.



    2. File path: /opt/zimbra/log/nginx.log
      Category: NGINX
      Log format: apache
      Make sure that the switch is Enabled and click Save.



    3. File path: /opt/zimbra/log/access_log.*
      Category: Apache HTTP Server Project
      Log format: apache
      Make sure that the switch is Enabled and click Save.

 

Important Note

To ensure optimal performance and prevent delays in log analysis by ACSIA SOS, it is recommended to manage the size of the logs in the /opt/zimbra/log directory. Specifically, focus on the access_log.* files. If there are many large access_log.* files currently present in this directory, consider moving them to a backup folder. This helps ACSIA SOS to process only the necessary logs without being overwhelmed by older, larger files.

  • If you have a log retention policy that only keeps logs from the current day or the past few days, this step may not be necessary.
  • If there is no such retention policy, we recommend moving older access_log.* files to a backup directory to allow ACSIA SOS to analyze new logs efficiently.

If you are unsure how to manage your logs, please contact our support team for assistance. Following this practice will help maintain ACSIA SOS’s performance and ensure timely detection of any security events.