Manualshelf

User Guide

ManualsBrandsCisco Manualsantivirus security softwareCisco Web Security Appliance S170
461462463464465466467468469470
448
IRONPORT ASYNCOS 6.3 FOR WEB USER GUIDE
Table 20-9 describes the header fields listed at the beginning of each W3C log file.
For example, a W3C log file might contain the following header information:
#Version: 1.0
#Date: 2009-06-15 13:55:20
#System: 10.1.1.1 - wsa.qa
#Software: AsyncOS for Web 6.3.0
#Fields: timestamp x-elapsed-time c-ip x-resultcode-httpstatus sc-bytes
cs-method cs-url cs-username x-hierarchy-origin cs-mime-type x-acltag
x-result-code x-suspect-user-agent
Working with Log Fields in W3C Access Logs
When defining a W3C access log subscription, you must choose which log fields to include,
such as the ACL decision tag or the client IP address. You can include one of the following
types of log fields:
Predefined. The web interface includes a list of fields from which you can choose. For
more information, see “Custom Formatting in Access Logs and W3C Logs” on page 450.
User defined. You can type a log field that is not included in the predefined list. For more
information, see “Including HTTP/HTTPS Headers in Log Files” on page 459.
Most W3C log field names include a prefix that identifies from which header a value comes,
such as the client or server. Log fields without a prefix reference values that are independent
Table 20-9 W3C Log File Header Fields
Header Field Description
Version The version of the W3C ELF format used.
Date The date and time at which the entry was added.
System The Web Security appliance that generated the log file in the format
“Management_IP - Management_hostname.
Software The Software which generated these logs
Fields The fields recorded in the log