Cisco Cisco Web Security Appliance S670 Betriebsanweisung
20-20
AsyncOS 8.5 for Cisco Web Security Appliances User Guide
Chapter 20 Monitor System Activity Through Logs
Interpreting Access Log Scanning Verdict Entries
Interpreting Access Log Scanning Verdict Entries
The access log file entries aggregate and display the results of the various scanning engines, such as URL
filtering, Web Reputation filtering, and anti-malware scanning. The appliance displays this information
in angled brackets at the end of each access log entry.
filtering, Web Reputation filtering, and anti-malware scanning. The appliance displays this information
in angled brackets at the end of each access log entry.
MONITOR_IDS
The Web Proxy scanned the upload request using either a
Data Security Policy or an External DLP Policy, but did not
block the request. It evaluated the request against the
Access Policies.
Data Security Policy or an External DLP Policy, but did not
block the request. It evaluated the request against the
Access Policies.
MONITOR_SUSPECT_USER_AGENT
The Web Proxy monitored the transaction based on the
Suspect User Agent setting for the Access Policy group.
Suspect User Agent setting for the Access Policy group.
MONITOR_WBRS
The Web Proxy monitored the transaction based on the Web
Reputation filter settings for the Access Policy group.
Reputation filter settings for the Access Policy group.
NO_AUTHORIZATION
The Web Proxy did not allow the user access to the
application because the user was already authenticated
against an authentication realm, but not against any
authentication realm configured in the Application
Authentication Policy.
application because the user was already authenticated
against an authentication realm, but not against any
authentication realm configured in the Application
Authentication Policy.
NO_PASSWORD
The user failed authentication.
PASSTHRU_ADMIN
The Web Proxy passed through the transaction based on
some default settings for the Decryption Policy group.
some default settings for the Decryption Policy group.
PASSTHRU_WEBCAT
The Web Proxy passed through the transaction based on
URL category filtering settings for the Decryption Policy
group.
URL category filtering settings for the Decryption Policy
group.
PASSTHRU_WBRS
The Web Proxy passed through the transaction based on the
Web Reputation filter settings for the Decryption Policy
group.
Web Reputation filter settings for the Decryption Policy
group.
REDIRECT_CUSTOMCAT
The Web Proxy redirected the transaction to a different
URL based on a custom URL category in the Access Policy
group configured to “Redirect.”
URL based on a custom URL category in the Access Policy
group configured to “Redirect.”
SAAS_AUTH
The Web Proxy allowed the user access to the application
because the user was authenticated transparently against the
authentication realm configured in the Application
Authentication Policy.
because the user was authenticated transparently against the
authentication realm configured in the Application
Authentication Policy.
OTHER
The Web Proxy did not complete the request due to an error,
such as an authorization failure, server disconnect, or an
abort from the client.
such as an authorization failure, server disconnect, or an
abort from the client.
ACL Decision Tag
Description