Cisco Cisco Web Security Appliance S370 Guía Del Usuario
15-12
Cisco AsyncOS 8.0.6 for Web User Guide
Chapter 15 Prevent Loss of Sensitive Data
Logging
The following text illustrates a sample Data Security Log entry:
Note
To learn when data transfer, such as a POST request, to a site was blocked by the external DLP server,
search for the IP address or hostname of the DLP server in the access logs.
search for the IP address or hostname of the DLP server in the access logs.
Mon Mar 30 03:02:13 2009 Info: 303 10.1.1.1 - -
<<bar,text/plain,5120><foo,text/plain,5120>>
BLOCK_WEBCAT_IDS-allowall-DefaultGroup-DefaultGroup-NONE-DefaultRouting ns server.com nc
Field Value
Description
Mon Mar 30 03:02:13 2009 Info:
Timestamp and trace level
303
Transaction ID
10.1.1.1
Source IP address
-
User name
-
Authorized group names
<<bar,text/plain,5120><foo,text/plai
n,5120>>
File name, file type, file size for each file uploaded at once
Note
This field does not include text/plain files that are
less than the configured minimum request body
size, the default of which is 4096 bytes.
less than the configured minimum request body
size, the default of which is 4096 bytes.
BLOCK_WEBCAT_IDS-allowall-DefaultGro
up-DefaultGroup-NONE-DefaultRouting
Cisco IronPort Data Security Policy and action
ns
Web reputation score
server.com
Outgoing URL
nc
URL category