C613-22104-00 REV B Web Control Log Messages | Page 71
Logging Advanced Network Protection
Web Control Log Messages
The message part includes information in the following format:
Web_Control: <action> <url> requested by <source-ip>: <category>, <order>
Web control block messages have severity level ‘warning’ (4); allow messages have severity level
‘info’ (6).
Anti-virus Log Messages
When Anti-virus detects a virus named in its database it generates messages with the following
format:
antivirus: Virus <virus> detected in <url> to <client-ip>
Anti-virus can also generate messages in the following formats for issues related to scanning the
traffic:
Output 12: Example URL filtering log message for a dropped URL request
2016 Nov 17 02:02:21 local5.info awplus IPS[2039]: [Drop] URLFILTER: URL:http:/
kdskspb.ru/ [http] 192.168.1.1:58272 -> 172.16.1.2:80
Output 13: Example URL filtering log message for a permitted URL request when log url-requests is
configured
2017 Apr 12 03:47:21 local5.info awplus IPS[3885]: [Http] URL:http://172.16.1.2/
192.168.1.1:53698 -> 172.16.1.2:80
Table 10: Elements in Web Control log messages
Message element Description
<action>
The action applied by the Web Control feature; either BLOCK or ALLOW.
<url>
The requested URL.
<source-ip>
The IP address of the requester.
<category>
The Web Control category of the website.
<order>
The Web Control rule number.
Output 14: Example Web Control log message
2016 Nov 26 08:11:15 local5.warning awplus UTM[828]: Web_Control: BLOCK http:/
/www.piracy.com/ requested by 192.168.1.1: Piracy, 0
To Next Page
Loading...
Need help?
General
