Looking at the following log sample (Apache format Access Logs) and the bolded section contained between the <>:
220.127.116.11 - - "16/Feb/2010:11:58:55 +1100" GET http://www.testsite.com 304 0 TCP_CLIENT_REFRESH_MISS:DIRECT 7ms DEFAULT_CASE-DefaultGroup-DefaultGroup-NONE-DefaultRouting <Shop,5.0,0,,,,,,,,,,,,> - 18.104.22.168 80 "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.2; eMusic DLM/4)" "Shopping"
This particular log sample has 15 fields between the <>. Every other log sample I've seen has 17 fields between the <>. So my question is, why would this happen? Is there some configuration on the Ironport itself that would modify this part of the logs? I know what some of those particular fields contain but is there a breakdown for what all those fields contain?
This portion of the accesslog contains both the web category as well as the response from the various DVS engines. The actual fields will vary depending on the features/code that is installed. For example, in the upcoming 7.0 code there are several new fields to as a result of AVC (Application Visibility Control). Similarly, when Cisco Web Usage Controls are enabled there are additional fields which note dynamically learned content.
The best reference for each specific field, including between the <>'s, is the user guide which can be downloaded from the Cisco/IronPort Customer Support Portal.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :