Cisco Cisco Web Security Appliance S390 사용자 가이드
21-23
AsyncOS 9.0 for Cisco Web Security Appliances User Guide
Chapter 21 Monitor System Activity Through Logs
Access Log Files
27
“-”
“%XS”
Safe browsing scanning verdict. This value indicates whether either
the safe search or the site content ratings feature was applied to
the transaction.
the safe search or the site content ratings feature was applied to
the transaction.
For a list of the possible values, see
28
489.73
%XB
The average bandwidth consumed serving the request, in Kb/sec.
29
0
%XT
A value that indicates whether the request was throttled due to
bandwidth limit control settings, where “1” indicates the request was
throttled, and “0” indicates it was not.
bandwidth limit control settings, where “1” indicates the request was
throttled, and “0” indicates it was not.
30
[Local]
%l
The type of user making the request, either “[Local]” or “[Remote].”
Only applies when AnyConnect Secure Mobility is enabled. When it
is not enabled, the value is a hyphen (-).
Only applies when AnyConnect Secure Mobility is enabled. When it
is not enabled, the value is a hyphen (-).
31
“-”
“%X3”
Unified request-side anti-malware scanning verdict independent of
which scanning engines are enabled. Applies to transactions blocked
or monitored due to client request scanning when an Outbound
Malware Scanning Policy applies.
which scanning engines are enabled. Applies to transactions blocked
or monitored due to client request scanning when an Outbound
Malware Scanning Policy applies.
32
“-”
“%X4”
The threat name assigned to the client request that was blocked or
monitored due to an applicable Outbound Malware Scanning Policy.
monitored due to an applicable Outbound Malware Scanning Policy.
This threat name is independent of which anti-malware scanning
engines are enabled.
engines are enabled.
33
37
%X#1#
Verdict from Advanced Malware Protection file scanning:
•
0: File is not malicious
•
1: File was not scanned because of its file type
•
2: File scan timed out
•
3: Scan error
•
Greater than 3: File is malicious
34
"W32.CiscoTestVector"
%X#2#
Threat name, as determined by Advanced Malware Protection file
scanning; "-" indicates no threat.
scanning; "-" indicates no threat.
35
33
%X#3#
Reputation score from Advanced Malware Protection file scanning.
This score is used only if the cloud reputation service is unable to
determine a clear verdict for the file.
This score is used only if the cloud reputation service is unable to
determine a clear verdict for the file.
For details, see information about the Threat Score and the
reputation threshold in
reputation threshold in
Chapter 17, “File Reputation Filtering and
File Analysis.”
36
0
%X#4#
Indicator of upload and analysis request:
“0” indicates that Advanced Malware Protection did not request
upload of the file for analysis.
upload of the file for analysis.
“1” indicates that Advanced Malware Protection did request upload
of the file for analysis.
of the file for analysis.
Position Field Value
Format Specifier Description