Cisco Cisco Web Security Appliance S380 Guida Utente

%:m<

x-p2p-mcafee-resp-svc-time

Wait-time to receive the verdict from the 
McAfee scanning engine, including the time 
required for the Web Proxy to send the 
request.

%:m>

x-p2p-mcafee-resp-wait-time Wait-time to receive the response from the 

McAfee scanning engine, after the Web 
Proxy sent the request.

%:p<

x-p2p-sophos-resp-svc-time

Wait-time to receive the verdict from the 
Sophos scanning engine, including the time 
required for the Web Proxy to send the 
request.

%:p>

x-p2p-sophos-resp-wait-time Wait-time to receive the response from the 

Sophos scanning engine, after the Web Proxy 
sent the request.

%:w<

x-p2p-webroot-resp-svc-time Wait-time to receive the verdict from the 

Webroot scanning engine, including the time 
required for the Web Proxy to send the 
request.

%:w>

x-p2p-webroot-resp-wait-tim
e

Wait-time to receive the response from the 
Webroot scanning engine, after the Web 
Proxy sent the request.

%?BLOCK_SUSPECT
_USER_AGENT,
MONITOR_SUSPECT
_USER_AGENT?%
<User-Agent:%!%-%.

x-suspect-user-agent

Suspect user agent, if applicable. If the Web 
Proxy determines the user agent is suspect, it 
will log the user agent in this field. 
Otherwise, it logs a hyphen. This field is 
written with double-quotes in the access logs.

%<Referer:

cs(Referer)

Referer

%>Server:

sc(Server)

Server header in the response

%a

c-ip

Client IP Address

%A

cs-username

Authenticated user name. This field is written 
with double-quotes in the access logs.

%b

sc-body-size

Bytes sent to the client from the Web Proxy 
for the body content.

%B

bytes

Total bytes used (request size + response 
size, which is %q + %s)

%c

cs-mime-type

Response body MIME type. This field is 
written with double-quotes in the access logs.

%C

cs(Cookie)

Cookie header. This field is written with 
double-quotes in the access logs.

%d

s-hostname

Data source or server IP address

%D

x-acltag

ACL decision tag. See 

.