Web Control Log Messages; Anti-Virus Log Messages - Allied Telesis AR Series Technical Manual

Logging
Output 12: Example URL filtering log message for a dropped URL request
2016 Nov 17 02:02:21 local5.info awplus IPS[2039]: [Drop] URLFILTER: URL:http:/
kdskspb.ru/ [http] 192.168.1.1:58272 -> 172.16.1.2:80
Output 13: Example URL filtering log message for a permitted URL request when log url-requests is
configured
2017 Apr 12 03:47:21 local5.info awplus IPS[3885]: [Http] URL:http://172.16.1.2/
192.168.1.1:53698 -> 172.16.1.2:80

Web Control Log Messages

The message part includes information in the following format:
Web_Control: <action> <url> requested by <source-ip>: <category>, <order>
Table 10: Elements in Web Control log messages
Message element
<action>
<url>
<source-ip>
<category>
<order>
Web control block messages have severity level 'warning' (4); allow messages have severity level
'info' (6).
Output 14: Example Web Control log message
2016 Nov 26 08:11:15 local5.warning awplus UTM[828]: Web_Control: BLOCK http:/
/www.piracy.com/ requested by 192.168.1.1: Piracy, 0

Anti-virus Log Messages

When Anti-virus detects a virus named in its database it generates messages with the following
format:
antivirus: Virus <virus> detected in <url> to <client-ip>
Anti-virus can also generate messages in the following formats for issues related to scanning the
traffic:
C613-22104-00 REV B
Description
The action applied by the Web Control feature; either BLOCK or ALLOW.
The requested URL.
The IP address of the requester.
The Web Control category of the website.
The Web Control rule number.
Advanced Network Protection
Web Control Log Messages
|
Page 71