Cisco Cisco Web Security Appliance S370 Guía De Instalación

For example, click on the hyper-linked user name or IP address for an individual user.

Simple and advanced search options are available using the Web Tracking Report. 

Make the search as specific as possible and narrow the time range.

Cisco Web Security Appliance Advanced Reporting uses a set of files to populate menus for the Web 
Tracking page. If you are experiencing problems with the Web Tracking page menus, verify that these 
files are in the application’s lookups folder:

malware_categories.csv

transaction_types.csv

url_categories.csv

The Splunk administrator can edit the list of URL categories visible within Splunk.  When a category 
appears within the access log, but is not present in the lookup file, Cisco Web Security Appliance 
Advanced Reporting displays “Custom Category”. 

Splunk administrators can control the options available in the dropdown fields in the Web Tracking form. 

The departments.csv is a file used as part of the role based security functionality.  This file may be edited 
manually or by configuring one of the role discovery scripts (available in the application’s bin folder) as 
a scripted input.  There is a script for both Linux and Windows.

Ensure the file exists in the application’s lookup folder

If the Linux version is used, ensure the CLI ldapsearch is installed and in the Splunk user’s path

If the Windows version is used “option explicit” may be commented out to reveal more specific 
information regarding from where and why an error may have originated.

Verify the LDAP paths are syntactically correct