Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Fixed-field Log Formats

The following table provides information about supported log file formats that are not automatic-discover in Content Security Reporter. This table includes examples of the expected header information found in the corresponding log file format.

WARNING: Any deviation from the expected field format can result in inaccurate reports.

Log File Type Expected Formats Examples
Secure Web Gateway

"user_id", "username", "source_ip",

"http_action", "server_to_client_bytes",

"client_to_server_bytes", "requested_host",

"requested_path", "result",

"virus", "request_timestamp_epoch",

"request_timestamp_formatted", "uri_scheme",


"47877615", "",

"", "GET", "664", "2837",

"", "/", "DENIED", "",

"1319501356", "2011-10-24 18:09:16-06",

"http", "Social Networking"

Email and Web Security Format (Web)

tv_sec.(tv_usec/1000) cache_msec client_ip

cache_code/http_code cache_size method_str

url user hier_code/hier_host content_type

sf_action "sf_cats"

1085754420.626 1


sjones ONE/- - DENY "Portal Sites"

SiteAdvisor Enterprise Format

DetectedUTC EventTypeID

CategoriesShortName URL ActionID RatingID

ReasonId AgentGUID User MachineName

PhishingFacet DownloadsFacet SpamFacet

PopupsFacet BadlinkerFacet ExploitFacet IP


2009-01-01T14:31:12 18600

rb http://www.0d6b214aaafe-

c151-408a-a8b2-fb31debd8e7c.html 1 1 9

ef4a3a5b-773b-467f-af1f-f1ddb0f5ba31 sara

machine1 6 3 6 6 1 6 text/html

Firewall Enterprise (Sidewinder) SFv4 - Text Format

client_ip - user_1 [time_stamp] "GET url"

http_status sf_action sf_cats - jlock [28/Jun/2004:11:44:54]


"Portal Sites"

SmartFilter IFP SFv4 - Text Format

client_ip - user_1 [time_stamp] "GET url"

http_status sf_action sf_cats - imanderson [28/Jun/

2004:11:44:54] "GET"

403 COACH "Portal Sites"


  • Was this article helpful?