When you use Audit-Log policies to test policies that you plan to deploy, the test results are written to a content.log file. The default location is as follows:
# /var/log/zixvpm/content.log
Both Audit logs and Log logs are written to the content.log file as XML fragments. The log entry is distinguished by the label <AuditEntry> or <LogEntry> and contains the following:
The message content is not captured.
Examples:
Jan 17 11:43:43 mx2 Policy Manager [627] : <AuditEntry>
<PolicyLabel>HIPAA-Subject</PolicyLabel> <Message id="
" from="MaxM@zixcustomer.com" to="MaryM@BestHospital.org">
<Subject>Patient 123-12-1234 Billing</Subject> </Message>
</AuditEntry>
Jan 17 11:45:23 mx2 Policy Manager [630] : <AuditEntry>
<PolicyLabel>HIPAA-Subject</PolicyLabel> <Message id="
" from="JackJ@zixcustomer.com" to="LoisL@DrsPractice.org">
<Subject>John Doe Cancer Treatment</Subject> </Message>
</AuditEntry>
Jan 17 11:54:32 mx2 Policy Manager [629] : <LogEntry>
<PolicyLabel>HIPAA-Subject</PolicyLabel> <Message id="
" from="JJones@zixcustomer.com" to="MAdams@Clinic.com">
<Subject>Janes New Baby</Subject> </Message> </LogEntry>
You can use the information from the Audit logs and Log logs in other applications to analyze your test results.