Fixed-field Log Formats
The following table provides information about supported log file formats that are not automatic-discover in Content Security Reporter. This table includes examples of the expected header information found in the corresponding log file format.
WARNING: Any deviation from the expected field format can result in inaccurate reports.
Log File Type | Expected Formats | Examples |
---|---|---|
Secure Web Gateway |
"user_id", "username", "source_ip", "http_action", "server_to_client_bytes", "client_to_server_bytes", "requested_host", "requested_path", "result", "virus", "request_timestamp_epoch", "request_timestamp_formatted", "uri_scheme", "category" |
"47877615", "user1@webreporter.com", "192.168.0.1", "GET", "664", "2837", "www.myspace.com", "/", "DENIED", "", "1319501356", "2011-10-24 18:09:16-06", "http", "Social Networking" |
Email and Web Security Format (Web) |
tv_sec.(tv_usec/1000) cache_msec client_ip cache_code/http_code cache_size method_str url user hier_code/hier_host content_type sf_action "sf_cats" |
1085754420.626 1 192.168.0.1 TCP_DENIED/403 0 GET http://www.msn.com/ sjones ONE/- - DENY "Portal Sites" |
SiteAdvisor Enterprise Format |
DetectedUTC EventTypeID CategoriesShortName URL ActionID RatingID ReasonId AgentGUID User MachineName PhishingFacet DownloadsFacet SpamFacet PopupsFacet BadlinkerFacet ExploitFacet IP MIMEType |
2009-01-01T14:31:12 18600 rb http://www.0d6b214aaafe- 42e9-a150-c237c86cd959.com/a9cf15e0- c151-408a-a8b2-fb31debd8e7c.html 1 1 9 ef4a3a5b-773b-467f-af1f-f1ddb0f5ba31 sara machine1 6 3 6 6 1 6 192.168.0.1 text/html |
Firewall Enterprise (Sidewinder) SFv4 - Text Format |
client_ip - user_1 [time_stamp] "GET url" http_status sf_action sf_cats |
192.168.0.1 - jlock [28/Jun/2004:11:44:54] "GET http://www.msn.com" 403 COACH "Portal Sites" |
SmartFilter IFP SFv4 - Text Format |
client_ip - user_1 [time_stamp] "GET url" http_status sf_action sf_cats |
192.168.0.1 - imanderson [28/Jun/ 2004:11:44:54] "GET http://www.msn.com" 403 COACH "Portal Sites" |