Syslog push is a method that sends log messages to a remote syslog server. This method conforms to RFC 3164. You must submit a hostname for the syslog server and choose to use either UDP or TCP for log transmission. The port used is 514. A facility can be selected for the log; however, a default for the log type is pre-selected in the dropdown menu. Only text-based logs can be transferred using syslog push.
Those are part of all Log subscriptions, although I recall we recently indeed had a defect with Syslog Push not available on a specific log subscription. Could you check if Syslog Push is available for other logs on your appliance?
Glad my answer is helpful for you! Basically all connection data is recorded in the mail_logs (Logging Logs in your list I suppose), i.e. IPs, hostnames, sender and recipient addresses, etc. Note that pushing a log to a syslog server does not keep a local copy, so if you still want to use findevent or grep for it locally, you can simply add another log subscription of the same type (IronPort Mail Logs) for local storage.
BTW, you are correct on the access logs not to be configurable for Syslog push, probably coming up in a future version.
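To check on the receiving side that pushed messages arrive as RFC 3164 and carry the facility selected for the subscription, the following added example (not part of the original thread and not Cisco code) decodes the PRI field and flags mismatches. The hostname, the message text, and newline-delimited framing over TCP are assumptions; the sample bytes are constructed.

```python
import re

# Facility and severity names by numeric code (RFC 3164, section 4.1.1).
FACILITIES = ("kern user mail daemon auth syslog lpr news uucp cron authpriv "
              "ftp ntp audit alert clock local0 local1 local2 local3 local4 "
              "local5 local6 local7").split()
SEVERITIES = "emerg alert crit err warning notice info debug".split()

LINE_RE = re.compile(
    r"^<(\d{1,3})>"                                 # PRI = facility * 8 + severity
    r"([A-Z][a-z]{2} [ \d]\d \d{2}:\d{2}:\d{2}) "   # Mmm dd hh:mm:ss
    r"(\S+) (.*)$", re.S)                           # HOSTNAME, then TAG and content

def parse_rfc3164(line):
    """Parse one message; raise ValueError if it is not valid RFC 3164."""
    m = LINE_RE.match(line)
    if not m:
        raise ValueError("not an RFC 3164 message")
    pri = int(m.group(1))
    if pri > 191:                                   # 23 * 8 + 7 is the maximum
        raise ValueError("PRI out of range")
    return {"facility": FACILITIES[pri >> 3], "severity": SEVERITIES[pri & 7],
            "timestamp": m.group(2), "host": m.group(3), "msg": m.group(4)}

def split_tcp_stream(buf):
    """Split received bytes into complete lines plus the unfinished remainder.
    Assumes one message per line over TCP; a UDP datagram is one message."""
    *lines, rest = buf.split(b"\n")
    return [l.decode("utf-8", "replace").rstrip("\r") for l in lines if l], rest

def audit(lines, expected_facility):
    """Return (records with the expected facility, [(line, problem), ...])."""
    ok, problems = [], []
    for line in lines:
        try:
            rec = parse_rfc3164(line)
        except ValueError as exc:
            problems.append((line, str(exc)))
            continue
        if rec["facility"] == expected_facility:
            ok.append(rec)
        else:
            problems.append((line, "facility " + rec["facility"]))
    return ok, problems

# Constructed sample: two valid messages, one bad PRI, one cut off mid-message.
SAMPLE = (b"<22>Mar  3 10:15:02 esa01.example.com mail_logs: constructed message 1\n"
          b"<134>Mar  3 10:15:03 esa01.example.com mail_logs: constructed message 2\n"
          b"<999>Mar  3 10:15:04 esa01.example.com constructed bad PRI\n"
          b"<22>Mar  3 10:15:05 esa01.exa")
```

Keep the remainder returned by `split_tcp_stream` and prepend it to the next read so a message split across TCP segments is not reported as malformed.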