Cisco Cisco Web Security Appliance S390 Betriebsanweisung
Chapter 24 Logging
Access Log File
24-34
Cisco IronPort AsyncOS 7.0 for Web User Guide
OL-23079-01
-
The URL category verdict determined during response-side scanning,
abbreviated. Applies to the Cisco IronPort Web Usage Controls URL
filtering engine only. Only applies when the Dynamic Content Analysis
engine is enabled and when no category is assigned at request time (a value
of “nc” is listed in the request-side scanning verdict).
abbreviated. Applies to the Cisco IronPort Web Usage Controls URL
filtering engine only. Only applies when the Dynamic Content Analysis
engine is enabled and when no category is assigned at request time (a value
of “nc” is listed in the request-side scanning verdict).
For a list of URL category abbreviations, see
Trojan Phisher
Unified response-side anti-malware scanning verdict independent of which
scanning engines are enabled. Applies to transactions blocked due to server
response scanning.
scanning engines are enabled. Applies to transactions blocked due to server
response scanning.
-
The threat type returned by the Web Reputation filters which resulted in the
target website receiving a poor reputation. Typically, this field is populated
for sites at reputation of -4 and below.
target website receiving a poor reputation. Typically, this field is populated
for sites at reputation of -4 and below.
Unknown
The application name as returned by the AVC engine, if applicable.
Only applies when the AVC engine is enabled.
Unknown
The application type as returned by the AVC engine, if applicable.
Only applies when the AVC engine is enabled.
-
The application behavior as returned by the AVC engine, if applicable.
Only applies when the AVC engine is enabled.
-
Safe browsing scanning verdict. This value indicates whether or not either
the safe search or site content ratings feature was applied to the transaction.
the safe search or site content ratings feature was applied to the transaction.
For a list of the possible values, see
489.73
The average bandwidth consumed serving the request in Kb per second.
0
A value that indicates whether or not the request was throttled due to
bandwidth limit control settings. “1” indicates the request was throttled, “0”
indicates it was not.
bandwidth limit control settings. “1” indicates the request was throttled, “0”
indicates it was not.
[Local]
The type of user making the request, either “local” or “remote.” Only applies
when Mobile User Security is enabled. When it is not enabled, the value is
a hyphen (-).
when Mobile User Security is enabled. When it is not enabled, the value is
a hyphen (-).
Table 24-8
Access Log File Entry — Scanning Verdict Information
Field Value
Description