Cisco Cisco Web Security Appliance S370 Guía Del Usuario

452

I R O N P O R T   A S Y N C O S   6 . 3   F O R   W E B   U S E R   G U I D E  

%Xl

IronPort Data Security Policy scanning 
verdict. If this field is included, it will 
display the IDS verdict, or “0” if IDS was 
active but the document scanned clean, or 

"-" if no IDS policy was active for the 

request.

%Xp

External DLP server scanning verdict

x-acltag

%D

ACL decision tag

x-dvs-threat-name

%X1

DVS threat name. This field is written with 
double-quotes in the access logs.

x-dvs-scanverdict

%X0

DVS Scan Verdict

x-elapsed-time

%e

Elapsed time

x-error-code

%E

Error type

x-hierarchy-origin

%H/%d

Code that describes which server was 
contacted for the retrieving the request 
content.   (e.g. DIRECT/www.example.com) 

x-latency

%x

Latency

x-local_time

%L

Request local time in human readable 
format: DD/MMM/YYYY : hh:mm:ss +nnnn. 
This field is written with double-quotes in 
the access logs.

x-mcafee-av-detecttype

%Xg

McAfee specific identifier: (detect type)

x-mcafee-av-scanerror

%Xf

McAfee specific identifier: (scan error)

x-mcafee-av-virustype

%Xh

McAfee specific identifier: (virus type)

x-mcafee-filename

%Xe

McAfee specific identifier: (File name 
yielding verdict) This field is written with 
double-quotes in the access logs.

x-mcafee-scanverdict

%Xd

McAfee specific identifier: (scan verdict)

x-mcafee-virus-name

%Xj

McAfee specific identifier: (virus name) This 
field is written with double-quotes in the 
access logs.

Table 20-11 Log Fields in W3C Logs and Format Specifiers in Access Logs (Continued)

W3C Log Field

Format Specifier 
in Access Logs

Description