Cisco Cisco Web Security Appliance S170 Guía Del Usuario
23-8
Cisco IronPort AsyncOS 7.5.7 for Web User Guide
Chapter 23 Reporting
Enabling Centralized Reporting
1159772400.0, 1159858799.0, 2006-10-02 07:00 GMT, 2006-10-03 06:59 GMT, Adware, 525,
2100, 2625
Note
Category headers are different for each type of report.
Note
If you export localized CSV data, the headings may not be rendered properly in some browsers. This
occurs because some browsers may not use the proper character set for the localized text. To work around
this problem, you can save the file to your local machine, and open the file in any web browser using
File > Open. When you open the file, select the character set to display the localized text.
occurs because some browsers may not use the proper character set for the localized text. To work around
this problem, you can save the file to your local machine, and open the file in any web browser using
File > Open. When you open the file, select the character set to display the localized text.
Enabling Centralized Reporting
When the Web Security appliance is managed by a Security Management appliance, you can choose
which appliance displays reports on the web traffic that is processed by the Web Security appliance. By
default, the Web Security appliance maintains the reports (Local Reporting). However, you can
configure the Web Security appliance so that the Security Management appliance maintains the reports
by enabling Centralized Reporting. You might want to enable Centralized Reporting when the Security
Management appliance manages multiple Web Security appliances. This gives you a centralized view of
web traffic across all Web Security appliances.
which appliance displays reports on the web traffic that is processed by the Web Security appliance. By
default, the Web Security appliance maintains the reports (Local Reporting). However, you can
configure the Web Security appliance so that the Security Management appliance maintains the reports
by enabling Centralized Reporting. You might want to enable Centralized Reporting when the Security
Management appliance manages multiple Web Security appliances. This gives you a centralized view of
web traffic across all Web Security appliances.
Note
When you enable Centralized Reporting, only the System Capacity and System Status reports are
available on the Web Security appliance. To view the other reports, connect to the Security Management
appliance. The Web Security appliance no longer stores data for the other reports.
available on the Web Security appliance. To view the other reports, connect to the Security Management
appliance. The Web Security appliance no longer stores data for the other reports.
To enable Centralized Reporting:
Step 1
Navigate to the Security Services > Reporting page, and click Edit Settings.
Table 23-3
Viewing Raw Data Entries
Category Header
Value
Description
Begin Timestamp
1159772400.0
Query start time in number of seconds from epoch.
End Timestamp
1159858799.0
Query end time in number of seconds from epoch.
Begin Date
2006-10-02 07:00
GMT
Date the query began.
End Date
2006-10-03 06:59
GMT
Date the query ended.
Name
Adware
Name of the malware category.
Transactions Monitored
525
Number of transactions monitored.
Transactions Blocked
2100
Number of transactions blocked.
Transactions Detected
2625
Total number of transactions:
Number of transactions detected + Number of
transactions blocked.
transactions blocked.