I've had 2 different customers from 2 different countries in 2 days ask for the same thing, so i figured I'd post it here.
When you use a coaching page, have a Business Justification comments field that gets logged.
When the coaching page is displayed, there is an extra field:
After a comment has been entered, it adds an entry to a Coaching.log:
[17/Jun/2013:15:21:59 +0000] "user1" 192.168.2.2 184.108.40.206 0 "GET http://www.youtube.com/ HTTP/1.1" "Streaming Media, Media Sharing" "Minimal Risk" "-" 0 0 "300" "I have to watch a training video."
The process involves a rule set for coaching:
|Coaching with Comments|
[This ruleset contains rules for coaching for urls, user and ip. This ruleset will not be exectued if SSL is disabled and a HTTPS request has been done.]
Applies to Requests: True / Responses: False / Embedded Objects: False
1: SSL.ClientContext.IsApplied equals true
2: OR Command.Name does not equal "CONNECT"
And a modifications to the ActionCoachingBlocked template:
Create a new template called ActionCoachingBlockedWithComments, copy the entire original HTML from the ActionCocahingBlocked page to it, and remove the previous <table> and <form> and replace with above.
The rules and partial template with the replacement html is attached.
This is awesome, and exactly the type of rule I'm looking to implement in my organization.
I've started some initial testing with this rule, and have run into some issues when using Chrome. When activating the session, I get the error below.
I'm new to the coaching ruleset, but we do use redirection for for authentication so I'm not sure what causes this. any insight?
I just tested this with
|Google Chrome||27.0.1453.116 (Official Build 206485) m|
I do not see the same results. I works as i would expect.
Does the default ruleset for coaching work with chrome?
What is technically supposed to happen is when you submit, it is supposed to send a HTTP 302 redirect with a Location header of the original site. It also includes the html body you see as a message before the redirection is supposed to occur.
The redirection header should have something like this:
HTTP/1.1 302 redirected
<html> body of the message you saw</html>
It sounds like the location header didn't come through properly or the browser is not honoring the redirect.
Take a wireshark of the client and see what the location header actually displays.
You can send it to my email instead of posting it because there could be sensitive info in it you may not want public.
erik_elsasser @ mcafee.com
I get errors sometimes with this and on IE 11 it just sits on the coaching page, never does the redirect. IE9 works fine, but IE11 no redirect. Chrome acts funny, I get either no redirect or an error. Any fix for this yet?