The 'Request Logs' window catches the traffic on each policy server, by polling the request logs every second. The viewer displays up to 50 logs per server with the display limit set by the 'Logs Per Page' option in WebAdmin Settings. The 'Settings' icon on the toolbar lets you show/hide column heading. You can click in the log viewer to pause the flow of the logs or you can click the Play/Pause button in the Header Table. The 'Search' field allows you to search for log entries. The More icon in each row of the Action column displays the options: Category Lookup, Category Alert, Group Details, Group Search, Client Search, Client Search IP, Trace Request, Add URL to List, and Manage Client. The Group options will only display if a Group is found, and the 'Client Search Name' option will only display if a Client name is found. Clicking the Advanced icon will display the 'Advanced Filter' window. Click the Add Filter link and select how you want to filter the log view. These Filters can be saved or shared.
There are two tools that are helpful in verifying categorization and filtering. They are the Tools > Trace Request window and the Logs > Request Logs page. Once you have implemented your Policy settings, you can use these tools to verify filtering and categorization.
The 'Tile View' display.
You can choose to show or hide columns by clicking the Settings icon on the table header bar. Select the column headings you wish to display.
The image below shows all the table headers: Actions, Server, Timestamp, URL Client IP, Client Name, Event Type, Event Data, Category Numbers, All Category Numbers, All Categories, Destination IP, Interceptor IP, Logger, HTTP Method, User Agent, and Referrer
You can click in the log viewer to pause the flow of the logs or you can click the Play/Pause button in the Header Table.
The Reset Category Chart option, found under the 'More' icon is unchecked, your numbers will accumulate, and you will get an overall average of what is being blocked while you are on the Request Logs page. If the recheck this box, the date will reset with each poll.
The 'Request Logs' window catches the traffic on each policy server, by polling the request logs every second. You can view the traffic rate numbers in the top right corner of the viewer.
· The 'Displayed Requests' shows the number of records visible in the table. The display limit set by the 'Logs Per Page' option in WebAdmin Settings.
· The Polled Rate is the number of requests available to the user. This only displays if the 'Logs per Page' setting is set to less than 50.
· Request Rate is the number of requests being processed by the Policy Server.
As noted above, the 'Polled Rate' only display if the 'Logs per Page' setting in the WebAdmin is set to less than 50.
The log viewer allows you to search using regular expressions for log entries. Separating search queries with a space will search for either of the search terms in a log entry. Adding an exclamation (a not operator) to the first character of a search term indicates the term must not be found in a log entry. As an example, you can use this ! operator with the term webadmin to filter out your own WebAdmin activity while viewing Request logs (e.g. !webadmin).
Advanced Filters let you filter your requests. You can filter by:
· Client IP
· Client Name
· Policy Group
· Denied Flag
· Event Type
· Category Names
The SysOp 'Request Log' are by default limited to the Groups of the SysOp Account, and not limited via the Group filter. This allows for all Groups assigned to the SysOp user to be viewed in real-time.
Click the Advanced Filter icon in the Table Header bar to display the 'Advanced Filter' window.
Click the Add Filter link to open the 'Add Filter' window.
If the Exclude Matching Results is checked in the 'Add filter' window, the results Will Not contain entries matching the filter.
1. Click the Add Filter link and select Policy Group from the dropdown.
2. Select one or more Groups and click the Add Filter button.
3. The filter shows in the 'Advanced Filter' window.
1. Once the Filter is created, click the Save icon beside the Filter Preset.
2. In the 'Save Preset' window, enter a name for the filter.
3. Select how you want to share the Preset. Select either: No One, Managed Accounts, or All Accounts.
4. Click the Save button to save the Preset.
5. In the 'Advanced Filter' window, click the Apply Filters button.
6. The 'Request Logs' window is filtered by the selected Policy Groups. You can edit the filter by clicking the edit link in the filter bar.
In this example we want to edit our 'Show Groups' Filter Preset.
1. Add the existing 'Show Groups' Preset and edit it.
2. Open the Filter Preset and select Custom Filter from the list.
3. Select Custom Filter and click the Save icon.
4. Select Show Groups from the 'Save As:" list. If you want you can use the Name field to rename an existing filter or to set a new filter's name.
5. Click Save. The edited Preset is saved.
In the top right corner of the ‘Request Logs Files’ page, click the icon to view Charts. The page will display a line graph and a pie chart. Hovering over these charts will give you the top filtered rate and the request rate. You can use the Advanced Search window to filter these charts by Client ID, Group, etc. You can also click on the settings control to display the ‘Raw Data Table’ instead of the Charts.
The More icon in each row of the Actions column displays a menu. Clicking on one of these options will take you to the selected page with the details filled in.
Please note that if you click on a log line that does not contain a Group or Client, that option will not appear in the menu.
This opens the 'Category Lookup" window for the selected URL. Click the Lookup button displays the Categorization for the URL.
This sends an Alert URL to the selected URL.
This displays the Group Details for the selected Client.
This option opens the Groups window highlighting the Group for the selected Client.
This option opens the 'Track URL Request' with the information filled in.
The Add URL to List option opens the New Entry window. Select the correct List, enter the Entry and click Save Entry. Do not <Crtl> + Click this option.
This option opens the Client window. Do not <Crtl> + Click this option.