IceWarp

1. Go to IceWarp configuration, go to System/Logging
2. Select Logs
3. Go to the General tab, check Send to server, enter the IP address Logmanager
4. Select Advanced for the operator record.
5. Select Advanced for the authentication record.

   

6. Go to the Training tab, here select only the DNS records field
7. Set System Performance to 10
8. SQL Records: select SQL Failure Records
9. AD sync records: select Summary
10. Kerberos Records: select Extended
11. Directory cache records: select Total.
12. WSC records: None

    

13. Go to System/Services and set up logging as shown below

    

To successfully receive and process logs, you need to set up the log classification correctly. The easiest way to do this is to add the IP addresses of the device (or, alternatively, the subnet of your choice) to the appropriate IP prefix list.

Some devices in Logmanager do not have their own IP prefix list and you need to create one or use a classifier - Classifiers. For this device the IP prefix list does not exist, so follow the steps below.

1. Log in to the web administration Logmanager.

2. Go to Parser/IP prefix lists:

   • Click on the icon with the “plus” symbol and create a new IP prefix list
   • Select name as the Icewarp
   • Add the IP addresses of your IceWarp devices (Alternatively, you can use the subnet of your choice).

   

3. Go to Parser/Classifiers

   • In case you are using your own unique classifier, modify it and add the following condition:

   

4. In case you don’t use your own unique classifier, create one:

   • Go to Parser/Classifiers
   • Click on the “plus “ symbol on the right to create a new classifier
   • Name it arbitrarily, for example “IceWarp” and insert the following condition:

   

   Classifiers are sorted alphabetically, make sure the classifier you create is not the last classifier.

   IP prefix lists are used in the default classification template vendor-Default-classification - more Classifier Templates.