System Logs and Error Messages
659
ProSecure Unified Threat Management (UTM) Appliance
• IPS Logs
• Anomaly Behavior Logs
• Application Logs
This section describes the log messages that are generated by the content-filtering and
security mechanisms.
Web Filtering and Content-Filtering Logs
This section describes logs that are generated when the UTM filters web content.
Table 179. Content-filtering and security logs: web filtering and content filtering
Message 2009-08-01 00:00:01 HTTP ldap_domain ldap_user 192.168.1.3 192.168.35.165
http://192.168.35.165/testcases/files/virus/normal/%b4%f3%d3%da2048.rar
SizeLimit Block
Explanation Logs that are generated when web content is blocked because the allowed size
limit is exceeded. The message shows the date and time, protocol, domain, user,
client IP address, server IP address, URL, reason for the action, and the action that
is taken.
Recommended Action None.
Message 2009-08-01 00:00:01 HTTP ldap_domain ldap_user 192.168.1.3 192.168.35.165
http://192.168.35.165/testcases/files/virus/normal/%b4%f3%d3%da2048.rar
URL Block
Explanation Logs that are generated when web content is blocked because an access violation
of a blocked web category occurs. The message shows the date and time, protocol,
domain, user, client IP address, server IP address, URL, reason for the action, and
the action that is taken.
Recommended Action None.
Message 2009-08-01 00:00:01 HTTP ldap_domain ldap_user 192.168.1.3 192.168.35.165
http://192.168.35.165/testcases/files/virus/normal/%b4%f3%d3%da2048.rar
FileType Block
Explanation Logs that are generated when web content is blocked because an access violation
of a blocked web file extension occurs. The message shows the date and time,
protocol, domain, user, client IP address, server IP address, URL, reason for the
action, and the action that is taken.
Recommended Action None.
Message 2009-08-01 00:00:01 HTTP ldap_domain ldap_user 192.168.1.3 192.168.35.165
http://192.168.35.165/testcases/files/virus/normal/%b4%f3%d3%da2048.rar
Proxy Block
Explanation Logs that are generated when web content is blocked because of a proxy violation.
The message shows the date and time, protocol, domain, user, client IP address,
server IP address, URL, reason for the action, and the action that is taken.
Recommended Action None.