Cisco Cisco Web Security Appliance S670 Mode D'Emploi
20-28
AsyncOS 8.1 for Cisco Web Security User Guide
Chapter 20 Monitor System Activity Through Logs
Access Log Field Descriptions and Identifiers
MONITOR_CONTINUE_CUSTOMCAT
Originally, the Web Proxy blocked the transaction and
displayed the Warn and Continue page based on a custom
URL category in the Access Policy group configured to
“Warn.” The user accepted the warning and continued to the
originally requested site, and no other scanning engine
subsequently blocked the request.
displayed the Warn and Continue page based on a custom
URL category in the Access Policy group configured to
“Warn.” The user accepted the warning and continued to the
originally requested site, and no other scanning engine
subsequently blocked the request.
MONITOR_CONTINUE_WEBCAT
Originally, the Web Proxy blocked the transaction and
displayed the Warn and Continue page based on a
predefined URL category in the Access Policy group
configured to “Warn.” The user accepted the warning and
continued to the originally requested site, and no other
scanning engine subsequently blocked the request.
displayed the Warn and Continue page based on a
predefined URL category in the Access Policy group
configured to “Warn.” The user accepted the warning and
continued to the originally requested site, and no other
scanning engine subsequently blocked the request.
MONITOR_IDS
The Web Proxy scanned the upload request using either a
Data Security Policy or an External DLP Policy, but did not
block the request. It evaluated the request against the
Access Policies.
Data Security Policy or an External DLP Policy, but did not
block the request. It evaluated the request against the
Access Policies.
MONITOR_SUSPECT_USER_AGENT
The Web Proxy monitored the transaction based on the
Suspect User Agent setting for the Access Policy group.
Suspect User Agent setting for the Access Policy group.
MONITOR_WBRS
The Web Proxy monitored the transaction based on the Web
Reputation filter settings for the Access Policy group.
Reputation filter settings for the Access Policy group.
NO_AUTHORIZATION
The Web Proxy did not allow the user access to the
application because the user was already authenticated
against an authentication realm, but not against any
authentication realm configured in the Application
Authentication Policy.
application because the user was already authenticated
against an authentication realm, but not against any
authentication realm configured in the Application
Authentication Policy.
NO_PASSWORD
The user failed authentication.
PASSTHRU_ADMIN
The Web Proxy passed through the transaction based on
some default settings for the Decryption Policy group.
some default settings for the Decryption Policy group.
PASSTHRU_WEBCAT
The Web Proxy passed through the transaction based on
URL category filtering settings for the Decryption Policy
group.
URL category filtering settings for the Decryption Policy
group.
PASSTHRU_WBRS
The Web Proxy passed through the transaction based on the
Web Reputation filter settings for the Decryption Policy
group.
Web Reputation filter settings for the Decryption Policy
group.
REDIRECT_CUSTOMCAT
The Web Proxy redirected the transaction to a different
URL based on a custom URL category in the Access Policy
group configured to “Redirect.”
URL based on a custom URL category in the Access Policy
group configured to “Redirect.”
SAAS_AUTH
The Web Proxy allowed the user access to the application
because the user was authenticated transparently against the
authentication realm configured in the Application
Authentication Policy.
because the user was authenticated transparently against the
authentication realm configured in the Application
Authentication Policy.
OTHER
The Web Proxy did not complete the request due to an error,
such as an authorization failure, server disconnect, or an
abort from the client.
such as an authorization failure, server disconnect, or an
abort from the client.
ACL Decision Tag
Description