Cisco Cisco Web Security Appliance S660 Guida Utente
A C L D E C I S I O N T A G S
C H A P T E R 2 0 : L O G G I N G
439
ACL Decision Tags
An ACL decision tag is a field in an access log entry that indicates how the Web Proxy
handled the transaction. It includes information from the Web Reputation filters, URL
categories, and the scanning engines.
handled the transaction. It includes information from the Web Reputation filters, URL
categories, and the scanning engines.
Table 20-7 describes the ACL decision tag values.
TCP_CLIENT_REFRESH
_MISS
_MISS
The client sent a “don’t fetch response from cache” request by issuing
the ‘Pragma: no-cache’ header. Due to this header from the client, the
appliance fetched the object from the origin server.
the ‘Pragma: no-cache’ header. Due to this header from the client, the
appliance fetched the object from the origin server.
TCP_DENIED
The client request was denied due to Access Policies.
NONE
There was an error in the transaction. For example, a DNS failure or
gateway timeout.
gateway timeout.
FTP_HIT
The object requested was fetched from the disk cache. This is used for
native FTP transactions only.
native FTP transactions only.
FTP_MEM_HIT
The object requested was fetched from the memory cache. This is
used for native FTP transactions only.
used for native FTP transactions only.
FTP_MISS
The object was not found in the cache, so it was fetched from the
origin server. This is used for native FTP transactions only.
origin server. This is used for native FTP transactions only.
FTP_REFRESH_HIT
The object was in the cache, but had expired. The proxy fetched the
object from the origin server. This is used for native FTP transactions
only.
object from the origin server. This is used for native FTP transactions
only.
FTP_DENIED
The client request was denied due to Access Policies. This is used for
native FTP transactions only.
native FTP transactions only.
Table 20-7 ACL Decision Tag Values
ACL Decision Tag
Description
ALLOW_ADMIN
The Web Proxy allowed the transaction based on
Applications settings for the Access Policy group.
Applications settings for the Access Policy group.
ALLOW_ADMIN_ERROR_PAGE
The Web Proxy allowed the transaction to an IronPort
notification page and to any logo used on that page.
notification page and to any logo used on that page.
ALLOW_WBRS
The Web Proxy allowed the transaction based on the
Web Reputation filter settings for the Access Policy
group.
Web Reputation filter settings for the Access Policy
group.
Table 20-6 Transaction Result Codes (Continued)
Result Code
Description