Cisco Cisco Web Security Appliance S190 Guía Del Usuario
21-25
AsyncOS 8.8 for Cisco Web Security Appliances User Guide
Chapter 21 Monitor System Activity Through Logs
W3C Compliant Access Log Files
•
Each line in the W3C access log file relates to one transaction, and each line is terminated by a LF
sequence.
sequence.
•
•
W3C Log File Headers
Each W3C log file contains header text at the beginning of the file. Each line starts with the # character
and provides information about the Web Security appliance that created the log file. The W3C log file
headers also include the file format (list of fields), making the log file self-describing.
and provides information about the Web Security appliance that created the log file. The W3C log file
headers also include the file format (list of fields), making the log file self-describing.
The following table describes the header fields listed at the beginning of each W3C log file.
Example W3C log file:
W3C Field Prefixes
Most W3C log field names include a prefix that identifies from which header a value comes, such as the
client or server. Log fields without a prefix reference values that are independent of the computers
involved in the transaction. The following table describes the W3C log fields prefixes.
client or server. Log fields without a prefix reference values that are independent of the computers
involved in the transaction. The following table describes the W3C log fields prefixes.
Header Field
Description
Version
The version of the W3C ELF format used.
Date
The date and time at which the header (and log file) was created.
System
The Web Security appliance that generated the log file in the format “Management_IP
- Management_hostname.”
- Management_hostname.”
Software
The Software which generated these logs
Fields
The fields recorded in the log
#Version: 1.0
#Date: 2009-06-15 13:55:20
#System: 10.1.1.1 - wsa.qa
#Software: AsyncOS for Web 6.3.0
#Fields: timestamp x-elapsed-time c-ip x-resultcode-httpstatus sc-bytes cs-method
cs-url cs-username x-hierarchy-origin cs-mime-type x-acltag x-result-code
x-suspect-user-agent
Prefix Header
Description
c Client
s Server
cs Client
to
server
sc Server
to
client
x
Application specific identifier.