I am using Webgateway 7.4.0 & the problem I am facing is that a block url is showing in both access log as well as denied log instead it should show only in denied log but it is showing in both.
Can anyone help me???
I can give you further details if anyone requires.....
Access log contains all requests (the critieria for the logging rule is "Always").
The access denied log only logs blocked requests (criteria is status=403 or block.is>0).
Yes, Web Gateway is working fine.
I would not advise only showing the allowed, however you can just modify the criteria to achieve this.
what abt webreporter???how webreporter is showing the both access log as well as denied logs when we have configured only access log in webgateway for webreporter.............
The access.log contains a Block.ID(block_res). If a URL is allowed, the the value is 0. If it is blocked, then the value is a number based on the reason it was blocked.
This is how WebReporter or CSR knows about a block/allow. It only needs one log for both conditons.
We have webgateway to push only access log in webreporter but we are able to view both the access log as well as denied logs in webreporter,how is it possible plz help?????
This is access denied logs not configured for webreporter
Access log rule
Access denied rule
This is access logs configured to push into webreporter
As you can see from the above attached images only access logs is enabled to push into webreporter & access denied log is disabled for webreporter.So,I am confused that how webreporter is able to receive both the logs.....
Kindly explain me.....
Access logs contain all requests (by default). That is to say that there is no criteria for the log writing rule. The access denied rule has a criteria to only write blocked requests.
So the access logs are not only "Access allowed" logs.