I am having a problem where Web Gateway 7 is not logging HTTP IP traffic but it is logging when domains (valid or not) are used. As you know this sometimes makes it difficult to track botnet traffic to infected hosts behind the proxy.
Any recommendations would be greatly appreciated.
Thanks in advance.
Web Gateway will log all traffic by default, have you changed any of the log handlers in your rules?
In addition on 7.2 it has a access denied log as well as a found viruses log enabled by default, allowing you to easily check for any denied sites or virus hits.