Cisco Cisco Web Security Appliance S380 User Guide
20-6
Cisco AsyncOS for Web User Guide
Chapter 20 Monitor System Activity Through Logs
Adding and Editing Log Subscriptions
Custom Fields
(Access Logs)
Allows you to include custom information in each access log entry.
The syntax for entering format specifiers in the Custom Field is as follows:
<format_specifier_1> <format_specifier_2> ...
For example:
%a %b %E
You can add tokens before the format specifiers to display descriptive text in
the access log file. For example:
the access log file. For example:
client_IP %a body_bytes %b error_type %E
where
client_IP
is the description token for log format specifier
%a
, and so
on.
File Name
The name of the log files. Current log files are appended with a
.c
extension
and rolled over log files are appended with the file creation timestamp and a
.s
extension.
Log Fields
(W3C Access Logs)
Allows you to choose the fields you want to include in the W3C access log.
Select a field in the Available Fields list, or type a field in the Custom Field
box, and click Add.
box, and click Add.
The order the fields appear in the Selected Log Fields list determines the
order of fields in the W3C access log file. You can change the order of fields
using the Move Up and Move Down buttons. You can remove a field by
selecting it in the Selected Log Fields list and clicking Remove.
order of fields in the W3C access log file. You can change the order of fields
using the Move Up and Move Down buttons. You can remove a field by
selecting it in the Selected Log Fields list and clicking Remove.
You can enter multiple user defined fields in the Custom Fields box and add
them simultaneously as long as each entry is separated by a new line (click
Enter) before clicking Add.
them simultaneously as long as each entry is separated by a new line (click
Enter) before clicking Add.
When you change the log fields included in a W3C log subscription, the log
subscription automatically rolls over. This allows the latest version of the log
file to include the correct new field headers.
subscription automatically rolls over. This allows the latest version of the log
file to include the correct new field headers.
Log Compression
Specifies whether or not rolled over files are compressed. AsyncOS
compresses log files using the gzip compression format.
compresses log files using the gzip compression format.
Log Exclusions
(Optional)
(Optional)
(Access Logs)
Allows you to specify HTTP status codes (4xx or 5xx only) to exclude the
associated transactions from an access log or a W3C access log.
associated transactions from an access log or a W3C access log.
For example, entering 401 will filter out authentication failure requests that
have that transaction number.
have that transaction number.
Option
Description