Cisco Cisco Web Security Appliance S360 User Guide
20-5
AsyncOS 8.8 for Cisco Web Security Appliances User Guide
Chapter 20 Detecting Rogue Traffic on Non-Standard Ports
Viewing L4 Traffic Monitor Activity
Monitoring Activity and Viewing Summary Statistics
The Reporting > L4 Traffic Monitor page provides statistical summaries of monitoring activity. You
can use the following displays and reporting tools to view the results of L4 Traffic Monitor activity:
can use the following displays and reporting tools to view the results of L4 Traffic Monitor activity:
Note
If the Web Proxy is configured as a forward proxy and L4 Traffic Monitor is set to monitor all ports, the
IP address of the proxy’s data port is recorded and displayed as a client IP address in the client activity
report on the Reporting > Client Activity page. If the Web Proxy is configured as a transparent proxy,
enable IP spoofing to correctly record and display the client IP addresses.
IP address of the proxy’s data port is recorded and displayed as a client IP address in the client activity
report on the Reporting > Client Activity page. If the Web Proxy is configured as a transparent proxy,
enable IP spoofing to correctly record and display the client IP addresses.
L4 Traffic Monitor Log File Entries
The L4 Traffic Monitor log file provides a detailed record of monitoring activity.
To view...
See...
Client statistics
Reporting > Client Activity
Malware statistics
Port statistics
Reporting > L4 Traffic Monitor
L4 Traffic Monitor log files
System Administration > Log Subscriptions
•
trafmon_errlogs
•
trafmonlogs