Cisco Cisco Web Security Appliance S660 Guida Utente
20-32
Cisco AsyncOS for Web User Guide
Chapter 20 Monitor System Activity Through Logs
Log File Fields and Tags
Related Topics
•
.
•
.
%X#1#
x-amp-verdict
Verdict from Advanced Malware Protection
file scanning:
file scanning:
•
“0” indicates the file is clean.
•
“1” indicates the file was not scanned
due to its file type.
due to its file type.
•
“2” or greater indicates the file is not
clean.
clean.
%X#2#
x-amp-malware-name
Threat name, as determined by Advanced
Malware Protection file scanning. "-"
indicates no threat.
Malware Protection file scanning. "-"
indicates no threat.
%X#3#
x-amp-score
Reputation score from Advanced Malware
Protection file scanning.
Protection file scanning.
This score is used only if the cloud reputation
service is unable to determine a clear verdict
for the file.
service is unable to determine a clear verdict
for the file.
For details, see information about the Threat
Score and the reputation threshold in
Score and the reputation threshold in
%X#4#
x-amp-upload
Indicator of upload and analysis request:
“0” indicates that Advanced Malware
Protection did not request upload of the file
for analysis.
Protection did not request upload of the file
for analysis.
“1” indicates that Advanced Malware
Protection did request upload of the file for
analysis.
Protection did request upload of the file for
analysis.
%X#5#
x-amp-filename
The name of the file being downloaded and
analyzed.
analyzed.
%X#6#
x-amp-sha
The SHA-256 identifier for this file.
%y
cs-method
Method
%Y
cs-url
The entire URL
N/A
x-hierarchy-origin
Code that describes which server was
contacted for the retrieving the request
content. (e.g. DIRECT/www.example.com)
contacted for the retrieving the request
content. (e.g. DIRECT/www.example.com)
N/A
x-resultcode-httpstatus
Result code and the HTTP response code,
with a slash (/) in between.
with a slash (/) in between.
Format Specifier in
Access Logs
Access Logs
Log Field in W3C Logs
Description