Cisco Cisco Web Security Appliance S370 사용자 가이드
24-27
Cisco IronPort AsyncOS 7.7 for Web User Guide
Chapter 24 Logging
W3C Compliant Access Logs
describes the header fields listed at the beginning of each W3C log file.
For example, a W3C log file might contain the following header information:
#Version: 1.0
#Date: 2009-06-15 13:55:20
#System: 10.1.1.1 - wsa.qa
#Software: AsyncOS for Web 6.3.0
#Fields: timestamp x-elapsed-time c-ip x-resultcode-httpstatus sc-bytes cs-method cs-url
cs-username x-hierarchy-origin cs-mime-type x-acltag x-result-code x-suspect-user-agent
Working with Log Fields in W3C Access Logs
When defining a W3C access log subscription, you must choose which log fields to include, such as the
ACL decision tag or the client IP address. You can include one of the following types of log fields:
ACL decision tag or the client IP address. You can include one of the following types of log fields:
•
Predefined. The web interface includes a list of fields from which you can choose. For more
information, see
information, see
.
•
User defined. You can type a log field that is not included in the predefined list. For more
information, see
information, see
Most W3C log field names include a prefix that identifies from which header a value comes, such as the
client or server. Log fields without a prefix reference values that are independent of the computers
involved in the transaction.
client or server. Log fields without a prefix reference values that are independent of the computers
involved in the transaction.
describes the W3C log fields prefixes.
For example, the W3C log field “cs-method” refers to the method in the request sent by the client to the
server, and “c-ip” refers to the client’s IP address.
server, and “c-ip” refers to the client’s IP address.
Table 24-9
W3C Log File Header Fields
Header Field
Description
Version
The version of the W3C ELF format used.
Date
The date and time at which the entry was added.
System
The Web Security appliance that generated the log file in the format “Management_IP
- Management_hostname.”
- Management_hostname.”
Software
The Software which generated these logs
Fields
The fields recorded in the log
Table 24-10
W3C Log Field Prefixes
Prefix Header
Description
c Client
s Server
cs Client
to
server
sc Server
to
client
x
Application specific identifier.