Cisco Cisco Web Security Appliance S390 Betriebsanweisung
20-25
AsyncOS 8.1 for Cisco Web Security User Guide
Chapter 20 Monitor System Activity Through Logs
Access Log Field Descriptions and Identifiers
Access Control List (ACL) Decision Tags
An ACL decision tag indicates how the Web Proxy handled the transaction. It includes information from
the Web Reputation filters, URL categories, and the scanning engines.
the Web Reputation filters, URL categories, and the scanning engines.
Note
The end of the ACL decision tag includes a dynamically generated number that the Web Proxy uses
internally to increase performance. You can ignore this number.
internally to increase performance. You can ignore this number.
35 Aborted
36 Outbreak
Heuristics
37
Known Malicious and High-Risk Files
Malware Scanning Verdict Value
Malware Category
ACL Decision Tag
Description
ALLOW_ADMIN_ERROR_PAGE
The Web Proxy allowed the transaction to an notification
page and to any logo used on that page.
page and to any logo used on that page.
ALLOW_CUSTOMCAT
The Web Proxy allowed the transaction based on custom
URL category filtering settings for the Access Policy group.
URL category filtering settings for the Access Policy group.
ALLOW_WBRS
The Web Proxy allowed the transaction based on the Web
Reputation filter settings for the Access Policy group.
Reputation filter settings for the Access Policy group.
BLOCK_ADMIN
The Web Proxy blocked the transaction based on some
default settings for the Access Policy group.
default settings for the Access Policy group.
BLOCK_ADMIN_CONNECT
The Web Proxy blocked the transaction based on the TCP
port of the destination as defined in the HTTP CONNECT
Ports setting for the Access Policy group.
port of the destination as defined in the HTTP CONNECT
Ports setting for the Access Policy group.
BLOCK_ADMIN_CUSTOM_USER_AGENT
The Web Proxy blocked the transaction based on the user
agent as defined in the Block Custom User Agents setting
for the Access Policy group.
agent as defined in the Block Custom User Agents setting
for the Access Policy group.
BLOCK_ADMIN_IDS
The Web Proxy blocked the transaction based on the MIME
type of the request body content as defined in the Data
Security Policy group.
type of the request body content as defined in the Data
Security Policy group.
BLOCK_ADMIN_FILE_TYPE
The Web Proxy blocked the transaction based on the file
type as defined in the Access Policy group.
type as defined in the Access Policy group.
BLOCK_ADMIN_PROTOCOL
The Web Proxy blocked the transaction based on the
protocol as defined in the Block Protocols setting for the
Access Policy group.
protocol as defined in the Block Protocols setting for the
Access Policy group.
BLOCK_ADMIN_SIZE
The Web Proxy blocked the transaction based on the size of
the response as defined in the Object Size settings for the
Access Policy group.
the response as defined in the Object Size settings for the
Access Policy group.
BLOCK_ADMIN_SIZE_IDS
The Web Proxy blocked the transaction based on the size of
the request body content as defined in the Data Security
Policy group.
the request body content as defined in the Data Security
Policy group.