Cisco Cisco Web Security Appliance S170 사용자 가이드
24-53
Cisco IronPort AsyncOS 7.1 for Web User Guide
OL-23207-01
Chapter 24 Logging
Traffic Monitor Log
Traffic Monitor Log
The L4 Traffic Monitor log file provides a detailed record of monitoring activity.
You can view L4 Traffic Monitor log file entries and track updates to firewall
block lists and firewall allow lists. Consider the following example log entries:
You can view L4 Traffic Monitor log file entries and track updates to firewall
block lists and firewall allow lists. Consider the following example log entries:
Example 1
172.xx.xx.xx discovered for blocksite.net (blocksite.net) added to
firewall block list.
In this example, where a match becomes a block list firewall entry. The L4 Traffic
Monitor matched an IP address to a domain name in the block list based on a DNS
request which passed through the appliance. The IP address is then entered into
the block list for the firewall.
Monitor matched an IP address to a domain name in the block list based on a DNS
request which passed through the appliance. The IP address is then entered into
the block list for the firewall.
18
Commercial System Monitor
19
Dialer
20
Hijacker
21
Phishing URL
22
Trojan Downloader
23
Trojan Horse
24
Trojan Phisher
25
Worm
26
Encrypted File
27
Virus
28
Too Many Outstanding requests
33
Other Malware
34
PUA
Table 24-13
Malware Scanning Verdict Values (continued)
Malware Scanning Verdict Value
Malware Category