Cisco Cisco Web Security Appliance S190 Guía Del Usuario
24-37
Cisco IronPort AsyncOS 7.1 for Web User Guide
OL-23207-01
Chapter 24 Logging
W3C Compliant Access Logs
•
When defining a W3C access log subscription, you can choose from a list of
predefined log fields or enter a custom log field. For more information, see
predefined log fields or enter a custom log field. For more information, see
•
If you want to use a third party log analyzer tool to read and parse the W3C
access logs, you might need to include the “timestamp” field. The timestamp
W3C field displays time since the UNIX epoch, and most log analyzers only
understand time in this format.
access logs, you might need to include the “timestamp” field. The timestamp
W3C field displays time since the UNIX epoch, and most log analyzers only
understand time in this format.
•
If you want to copy the log fields included in a W3C access log in their order,
use the
use the
logconfig > edit
CLI command. The CLI displays the log fields in
order, from which you can copy and then paste them into a separate Web
Security appliance web interface.
Security appliance web interface.
W3C Log File Headers
Each W3C log file contains header text at the beginning of the file. Each line starts
with the # character and provides information about the Web Security appliance
that created the log file. The W3C log file headers also include the file format (list
of fields), making the log file self-describing.
with the # character and provides information about the Web Security appliance
that created the log file. The W3C log file headers also include the file format (list
of fields), making the log file self-describing.
For example, a W3C log file might contain the following header information:
#Version: 1.0
#Date: 2009-06-15 13:55:20
#System: 10.1.1.1 - wsa.qa
Table 24-9
W3C Log File Header Fields
Header Field
Description
Version
The version of the W3C ELF format used.
Date
The date and time at which the entry was added.
System
The Web Security appliance that generated the log file in the
format “Management_IP - Management_hostname.”
format “Management_IP - Management_hostname.”
Software
The Software which generated these logs
Fields
The fields recorded in the log