Cisco Cisco Web Security Appliance S660 Guida Utente

%XS

x-request-rewrite

Safe browsing scanning verdict.

Indicates whether either the safe search or site content 
ratings feature was applied to the transaction. 

%Xt

x-webroot-trr

Webroot specific identifier: (Threat Risk Ratio 
[TRR]).

%XT 

x-bw-throttled 

Flag that indicates whether bandwidth limits were 
applied to the transaction.

%Xu 

x-avc-type 

The web application type identified by the 
AVC engine.

%Xv

x-webroot-scanverdict

Malware scanning verdict from Webroot.

%XV

x-request-source-ip

The downstream IP address when the “Enable 
Identification of Client IP Addresses using 
X-Forwarded-For” checkbox is enabled for the Web 
Proxy settings.

%XW

x-wbrs-score

Decoded WBRS score <-10.0-10.0>.

%Xx

x-sophos-scanerror

Sophos specific identifier: (scan return code).

%Xy

x-sophos-file-name

The file location where Sophos found the 
objectionable content. For non-archive files, this 
value is the file name itself. For archive file, it is the 
object in the archive, such as 

archive.zip/virus.exe

.

%XY

x-sophos-scanverdict

Sophos specific identifier: (scan verdict).

%Xz

x-sophos-virus-name

Sophos specific identifier: (threat name).

%XZ

x-resp-dvs-verdictname

Unified response-side anti-malware scanning verdict 
that provides the malware category independent of 
which scanning engines are enabled. Applies to 
transactions blocked or monitored due to server 
response scanning.

This field is written with double-quotes in the 
access logs.

%X#1# 

x-amp-verdict

Verdict from Advanced Malware Protection 
file scanning:

0: File is not malicious. 

1: File was not scanned because of its file type. 

2: File scan timed out. 

3: Scan error. 

Greater than 3: File is malicious. 

%X#2#

x-amp-malware-name

Threat name, as determined by Advanced Malware 
Protection file scanning. “-” indicates no threat.