Cisco Cisco Web Security Appliance S170 사용자 가이드

IP address. For example, 10.1.1.0.

CIDR address. For example, 10.1.1.0/24.

Domain name. For example, example.com. Entering a domain name such as example.com will also 
match www.example.com and hostname.example.com.

Hostname. For example, crm.example.com.

The S-Series appliance supports several options for generating feature specific reports and interactive 
displays of summary statistics. 

The Reporting > L4 Traffic Monitor page provides statistical summaries of monitoring activity. You can 
interactively update these displays by specifying a time range of hour, day, week or month. Additionally, 
you have the option to print these display pages and export the raw data to a file.

You can use the following displays and reporting tools to view the results of L4 Traffic Monitor activity:

If the Web Proxy is configured as a forward proxy and L4 Traffic Monitor is set to monitor all ports, the 
IP address of the proxy’s data port is recorded and displayed as a client IP address in the client activity 
report on the Reporting > Client Activity page. If the Web Proxy is configured as a transparent proxy, 
enable IP spoofing to correctly record and display the client IP addresses.

The L4 Traffic Monitor log file provides a detailed record of monitoring activity. For more information 
about the L4 Traffic Monitor log, see 

.

Client statistics

Reporting > Client Activity 

Malware statistics

Port statistics

Reporting > L4 Traffic Monitor

L4 Traffic Monitor log files

System Administration > Log Subscriptions

trafmon_errlogs

trafmonlogs