Cisco Cisco Web Security Appliance S370 Guía Del Usuario
450
I R O N P O R T A S Y N C O S 6 . 3 F O R W E B U S E R G U I D E
C U S T O M FO R M A T T I N G I N A C C E S S L O G S A N D W 3 C L O G S
You can customize access logs and W3C access logs to include many different fields to
capture comprehensive information about web traffic within the network. Access logs use
format specifiers, and the W3C access logs use W3C log fields.
capture comprehensive information about web traffic within the network. Access logs use
format specifiers, and the W3C access logs use W3C log fields.
Table 20-11 describes the W3C log fields you can include in the W3C access logs and the
custom format specifiers (for the access logs) they correspond with.
custom format specifiers (for the access logs) they correspond with.
Table 20-11 Log Fields in W3C Logs and Format Specifiers in Access Logs
W3C Log Field
Format Specifier
in Access Logs
in Access Logs
Description
bytes
%B
Total bytes used (request size + response
size, which is %b + %q)
size, which is %b + %q)
c-ip
%a
Client IP Address
CMF
%M
Cache miss flags, CMF flags
cs(Cookie)
%C
Cookie header. This field is written with
double-quotes in the access logs.
double-quotes in the access logs.
cs(Host)
%<Host:
Host
cs-mime-type
%c
Response body MIME type. This field is
written with double-quotes in the access
logs.
written with double-quotes in the access
logs.
cs(Referer)
%<Referrer:
Referrer
cs(User-Agent)
%u
User agent. This field is written with double-
quotes in the access logs.
quotes in the access logs.
cs(X-Forwarded-For)
%f
X-Forwarded-For header
cs-auth-group
%g
Authorized group names. This field is
written with double-quotes in the access
logs.
written with double-quotes in the access
logs.
cs-bytes
%q
Request body size
cs-method
%y
Method
N/A
%r
Request first line - request method, URI,
HTTP version
HTTP version
cs-uri
%U
Request URI
cs-url
%Y
The entire URL