Cisco Cisco Web Security Appliance S660 Guida Utente
21-35
AsyncOS 8.7 for Cisco Web Security Appliances User Guide
Chapter 21 Monitor System Activity Through Logs
Log File Fields and Tags
%Xf
x-mcafee-av-scanerror
McAfee specific identifier: (scan error).
%XF
x-webcat-code-full
Full name of the URL category assigned to the
transaction. This field is written with double-quotes
in the access logs.
transaction. This field is written with double-quotes
in the access logs.
%Xg
x-mcafee-av-detecttype
McAfee specific identifier: (detect type).
%XG
x-avc-reqhead-scanverdict AVC request header verdict.
%Xh
x-mcafee-av-virustype
McAfee specific identifier: (virus type).
%XH x-avc-reqbody-scanverdic
t
AVC request body verdict.
%Xi
x-webroot-trace-id
Webroot specific scan identifier: (Trace ID)
%Xj
x-mcafee-virus-name
McAfee specific identifier: (virus name). This field
is written with double-quotes in the access logs.
is written with double-quotes in the access logs.
%Xk
x-wbrs-threat-type
Web reputation threat type.
%XK
x-wbrs-threat-reason
Web reputation threat reason.
%Xl
x-ids-verdict
Cisco Data Security Policy scanning verdict. If this
field is included, it will display the IDS verdict, or “0”
if IDS was active but the document scanned clean, or
“-” if no IDS policy was active for the request.
field is included, it will display the IDS verdict, or “0”
if IDS was active but the document scanned clean, or
“-” if no IDS policy was active for the request.
%XL
x-webcat-resp-code-full
The URL category verdict determined during
response-side scanning, full name.Applies to the
Cisco Web Usage Controls URL filtering engine only.
response-side scanning, full name.Applies to the
Cisco Web Usage Controls URL filtering engine only.
%XM
x-avc-resphead-scanverdict AVC response header verdict.
%Xn
x-webroot-threat-name
Webroot specific identifier: (Threat name) This field
is written with double-quotes in the access logs.
is written with double-quotes in the access logs.
%XN
x-avc-reqbody-scanverdict AVC response body verdict.
%XO
x-avc-app
The web application identified by the AVC engine.
%Xp
x-icap-verdict
External DLP server scanning verdict.
%XP
x-acl-added-headers
Unrecognized header. Use this field to log extra
headers in client requests. This supports
troubleshooting of specialized systems that add
headers to client requests as a way of authenticating
and redirecting those requests, for example,
YouTube for Schools.
headers in client requests. This supports
troubleshooting of specialized systems that add
headers to client requests as a way of authenticating
and redirecting those requests, for example,
YouTube for Schools.
%XQ
x-webcat-req-code-abbr
The URL category verdict determined during
request-side scanning, abbreviated.
request-side scanning, abbreviated.
%Xr
x-result-code
Scanning verdict information.
%XR
x-webcat-req-code-full
The URL category verdict determined during
request-side scanning, full name.
request-side scanning, full name.
%Xs
x-webroot-spyid
Webroot specific identifier: (Spy ID).
Format Specifier in
Access Logs
Access Logs
Log Field in W3C Logs
Description