Cisco Cisco Web Security Appliance S670 User Guide
Chapter 24 Logging
Access Log File
24-32
Cisco IronPort AsyncOS 7.1 for Web User Guide
OL-23207-01
-
A value that Sophos uses as a scan return code. IronPort Customer Support
may use this value when troubleshooting an issue.
may use this value when troubleshooting an issue.
Applies to responses detected by Sophos only.
-
The file location where Sophos found the objectionable content. For
non-archive files, this value is the file name itself. For archive file, it is the
object in the archive, such as
non-archive files, this value is the file name itself. For archive file, it is the
object in the archive, such as
archive.zip/virus.exe
.
Applies to responses detected by Sophos only.
-
A value that Sophos uses as the threat name. IronPort Customer Support may
use this value when troubleshooting an issue.
use this value when troubleshooting an issue.
Applies to responses detected by Sophos only.
-
The IronPort Data Security scan verdict based on the action in the Content
column of the IronPort Data Security Policy.
column of the IronPort Data Security Policy.
The following list describes the possible values for this field:
•
0. Allow
•
1. Block
•
- (hyphen). No scanning was initiated by the IronPort Data Security
Filters. This value appears when the IronPort Data Security Filters is
disabled or when the URL category action is set to Allow.
Filters. This value appears when the IronPort Data Security Filters is
disabled or when the URL category action is set to Allow.
-
The External DLP scan verdict based on the result given in the ICAP
response.
response.
The following list describes the possible values for this field:
•
0. Allow
•
1. Block
•
- (hyphen). No scanning was initiated by the external DLP server. This
value appears when External DLP scanning is disabled or when the
content was not scanned due to an exempt URL category on the External
DLP Policies > Destinations page.
value appears when External DLP scanning is disabled or when the
content was not scanned due to an exempt URL category on the External
DLP Policies > Destinations page.
Table 24-8
Access Log File Entry — Scanning Verdict Information
Field Value
Description