Cisco Cisco Web Security Appliance S360 Guia Do Utilizador
Chapter 24 Logging
Custom Formatting in Access Logs and W3C Logs
24-42
Cisco IronPort AsyncOS 7.0 for Web User Guide
OL-23079-01
cs-version
%P
Protocol, including the version number when
applicable
applicable
date
%v
Date in YYYY-MM-DD
DCF
%j
Do not cache response code; DCF flags
s-computerName
%N
Server name or destination hostname. This
field is written with double-quotes in the
access logs.
field is written with double-quotes in the
access logs.
s-hierarchy
%H
Hierarchy retrieval
s-hostname
%d
Data source or server IP address
s-ip
%k
Data source IP address (server IP address)
s-port
%p
Destination port number
sc(Server)
%>Server:
Server header in the response
sc-body-size
%b
Bytes sent to the client from the Web Proxy
for the body content.
for the body content.
sc-bytes
%s
Response size (header + body)
sc-http-status
%h
HTTP response code
sc-result-code
%w
Result code
For example: TCP_MISS, TCP_HIT
sc-result-code-denial
%W
Result code denial
time
%V
Time in HH:MM:SS
timestamp
%t
Timestamp in UNIX epoch
Note: If you want to use a third party log
analyzer tool to read and parse the W3C
access logs, you might need to include the
“timestamp” field. Most log analyzers only
understand time in the format provided by
this field.
analyzer tool to read and parse the W3C
access logs, you might need to include the
“timestamp” field. Most log analyzers only
understand time in the format provided by
this field.
Table 24-11
Log Fields in W3C Logs and Format Specifiers in Access Logs
W3C Log Field
Format Specifier in
Access Logs
Access Logs
Description