Logs

Quick Overview

zGuardian provides comprehensive logging for access activity, virus scanning operations, signature database updates, and detected threats. These logs are accessible through the Web UI in a structured table format, aiding in auditing, troubleshooting, and threat analysis.

How to Use This Feature in the UI

  1. Navigate to System > Logs > Security Log in the zGuardian interface.
  2. Select the desired log type from the dropdown menu:
    • Access Log
    • Clam Log
    • Freshclam Log
    • Virus Log
  3. Set the date and time range using the provided pickers.
  4. Click Refresh to display the logs in tabular format.

Concepts & Use Cases

  • Access Log: Shows web access details including local/remote IPs, requested URLs, attachments, content types, and timestamps.
  • Clam Log: Records antivirus engine (ClamAV) activities and virus database validation operations.
  • Freshclam Log: Displays update operations, total virus signatures, and database status details.
  • Virus Log: Details virus detection events, including the virus name, affected user, remote URL, and initiating local IP.

These logs provide insight into both real-time security events and historical patterns, useful for forensic analysis and compliance tracking.

Troubleshooting & FAQs

  • Q: Why are my logs empty?
    A: Check the selected date range and confirm logging is enabled in system settings.
  • Q: How can I tell if the virus DB was successfully updated?
    A: Review the Freshclam Log for last update time and signature count.
  • Q: What should I look for in the Virus Log?
    A: Focus on the virus name, affected user, triggering URL, and local IP for incident response.
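
The Freshclam Log check from the FAQ above, as an added example that is not zGuardian's own code. It assumes the log entries are standard ClamAV freshclam lines copied out of the UI as text, which this page does not confirm; the sample lines and the 24-hour staleness threshold are constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed sample in the stock freshclam log layout (not from a zGuardian system).
SAMPLE = """\
Sat Mar  2 10:00:01 2024 -> ClamAV update process started at Sat Mar  2 10:00:01 2024
Sat Mar  2 10:00:03 2024 -> daily.cld updated (version: 27201, sigs: 2054324, f-level: 90, builder: example)
Sat Mar  2 10:00:03 2024 -> main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: example)
Sat Mar  2 10:00:03 2024 -> bytecode.cvd database is up-to-date (version: 334, sigs: 91, f-level: 90, builder: example)
Mon Mar  4 10:00:02 2024 -> ClamAV update process started at Mon Mar  4 10:00:02 2024
Mon Mar  4 10:00:32 2024 -> ERROR: Update failed for database: daily
"""

LINE = re.compile(r"^(?P<ts>\w{3} \w{3} [ \d]\d \d\d:\d\d:\d\d \d{4}) -> (?P<msg>.*)$")
DB = re.compile(r"^(?P<db>\w+)\.c[lv]d (?:updated|database is up-to-date) "
                r"\(version: (?P<ver>\d+), sigs: (?P<sigs>\d+)")

def summarize(text, now, max_age=timedelta(hours=24)):
    """Report last successful check, signature totals, later errors, and staleness."""
    dbs, errors, last_ok = {}, [], None
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # skip separators and lines without a timestamp
        # Timestamps carry no zone; they are treated as the appliance's local time.
        ts = datetime.strptime(m["ts"], "%a %b %d %H:%M:%S %Y")
        d = DB.match(m["msg"])
        if d:
            # Keep the newest version and signature count seen per database.
            dbs[d["db"]] = (int(d["ver"]), int(d["sigs"]))
            last_ok = ts
        elif m["msg"].startswith("ERROR:"):
            errors.append((ts, m["msg"]))
    return {
        "last_ok": last_ok,
        "total_sigs": sum(sigs for _, sigs in dbs.values()),
        "databases": dbs,
        # Errors logged after the last good status mean the newest run failed.
        "errors_after_last_ok": [e for e in errors if last_ok is None or e[0] > last_ok],
        "stale": last_ok is None or now - last_ok > max_age,
    }

if __name__ == "__main__":
    for key, value in summarize(SAMPLE, now=datetime(2024, 3, 4, 12, 0, 0)).items():
        print(f"{key}: {value}")
```

A stale result together with errors after the last good status indicates the signature database has stopped updating, not merely that no new signatures were published.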