Cisco Cisco Web Security Appliance S170 Guia Do Utilizador
20-12
Cisco AsyncOS for Web User Guide
Chapter 20 Monitor System Activity Through Logs
Access Log Files
Step 3
Recreate the issue and read the new Web Proxy module log for relevant entries.
Step 4
Repeat as required with other Web Proxy module logs.
Step 5
Remove subscriptions that are no longer required.
Related Topics
•
.
Access Log Files
Access log files provides a descriptive record of all Web Proxy filtering and scanning activity. Access
log file entries display a record of how the appliance handled each transaction.
log file entries display a record of how the appliance handled each transaction.
Note
The W3C access log also records all Web Proxy filtering and scanning activity, but in a format that is
W3C compliant.
W3C compliant.
Interpreting Access Log File Entries
The following text is an example access log file entry for a single transaction:
Each item of information in this example corresponds to a log file format specifier. Use the following
table to match the information items to their format specifiers:
table to match the information items to their format specifiers:
1278096903.150 97 172.xx.xx.xx TCP_MISS/200 8187 GET http://my.site.com/ -
DIRECT/my.site.com text/plain
DEFAULT_CASE_11-AccessOrDecryptionPolicy-Identity-OutboundMalwareScanningPolicy-DataSecu
rityPolicy-ExternalDLPPolicy-RoutingPolicy
<IW_comp,6.9,-,"-",-,-,-,-,"-",-,-,-,"-",-,-,"-","-",-,-,IW_comp,-,"-","-","Unknown","Un
known","-","-",198.34,0,-,[Local],"-",37,"W32.CiscoTestVector",33,0,"WSA-INFECTED-FILE.p
df","fd5ef49d4213e05f448f11ed9c98253d85829614fba368a421d14e64c426da5e”> -
Position
Field Value
Format Specifier
1
1278096903.150
%t
2
97
%e
3
172.xx.xx.xx
%a
4
TCP_MISS
%w
5
200
%h
6
8187
%s
7
GET http://my.site.com/
%2r
8
-
%A
9
DIRECT
%H
10
my.site.com
%d
11
text/plain
%c