by default access log at IWSVA store in database only.

for access as a file you should choose "write logs to database and log files" in Logs > Settings > Reporting Logs

after that at /var/iwss/log/ you can find acces log file in following format access.log.yyyy.mm.dd

default rotation 100MB

 

but keep in mind that store access logs in files very is very greedy for HDD

 

Hi thanks for the reply......... The settings what u have said is there but i could not see any such access logs (access.log.yyyy.mm.dd) like the above in the path /var/iwss/log ...I am just getting only the HTTP logs

By default, access logging is disabled. In order toobtain reports for user access, you must enable access logging by selecting LogHTTP/HTTPS/FTP access events in the Logs > Log Settings > Reporting Logsscreen.

after that select "store access logs at database and files"

Even that settings is enabled but dint get the logs

you ensure that goes thru IWSVA?

try to test eicar download or another blocking operation. is it worked? can you see at logs that blocking?

Ya the users are going thro proxy only and its blocking the users according to the policies that we applied but i am getting the access logs in gui and there is no any log for blocking....... but i could not see the access logs in the var/iwss/log path

in following configuration everything works fine (see screenshot)

 

at console i got:

[root@iwsva55 ~]# ls -la /var/iwss/log/access.log.2011.08.18.0001

-rw-r--r-- 1 iscan iscan 50183 Aug 18 09:26 /var/iwss/log/access.log.2011.08.18.0001

 

 

But still i cant find the access logs donno y ;(

can you send output of following command:

ls /var/iwss/log/

 

and

 

cat /etc/iscan/intscan.ini|grep logtype