We are trying to disable logging for a single AD group on a new Web Gateway 7.1 installation without disabling or affecting logging for anyone else. Has anybody done this before?
I think the easiest way to achieve this would be a change to the log handler. If you look at it you will notive it takes rules and criteria like every other rule. If you place something like "It URL.UserGroups contains "myGroup" then Stop RuleSet" before the rules are triggered that write the log, no logging would be done for this group.
We have attempted this, but it is still writing to the logs. This deployment has two web gatways in Proxy HA mode. We have also tried creating a new log file, leaving it blank and getting these users to "write" to the blank log, but this does not work. either for some reason.
a different approach would be to create a second log handler, which does not have any rules in it. In your policy, after the authentication, you could place a rule that calls Event to set the log handler to the empty one for the users you do not want to see any log files for.
Maybe you can share your not-working rule with us, maybe it is just a simple mistake which is easy to correct?
We have finally worked this one out. We had to create a new rule set (called logging enabled), and copy the default rule into this one. the Default log was then cleared, so it will not log at all. Then, in the Rule Sets, we have created a rule that tells the MWG to use the new log (logging enabled) for anyone who is not a member of the group we want to disable logging for; IE, the group we want to disble logging for uses the default (blank) log handler, and everyone else users the new log handler.
A bit of a roundabout way to do this, but its working fine for us now. Thanks for your assistance, as this pointed us in the right direction!