eWalker SWG Access
Web access logs
Default Log Format
[%cqtn] %puid %chip %chpt %ship "%pfcn" %ttmf %cqme %cquc %sssc %cqpl %sslt %cqlx %pfac %info %ccaa "%pfra" %site
Log Schema
| Type | Field | Display Name | Description |
|---|---|---|---|
| Date | _time | Time | %cqtn |
| String | site | Site | |
| IP address | src_ip | Source IP | %chip |
| Integer | src_port | Source port | %chpt |
| IP address | dst_ip | Destination IP | %ship |
| Integer | dst_port | Destination port | Extracted from %cquc |
| String | app | Application | Extracted from %cquc |
| String | category | Category | %pfcn |
| String | policy | Policy | %pfra |
| String | action | Action | %pfac |
| Long | duration | Duration | %ttmf |
| String | status | HTTP Status | %sssc |
| String | method | HTTP Method | %cqme |
| String | domain | Domain | Extracted from %cquc |
| String | path | Path | Extracted from %cquc |
| String | query | Query | Extracted from %cquc |
| String | url | URL | %cquc |
| Long | cs_bytes | Upload | %cqlx |
| Long | sc_bytes | Download | %sslt |
| Long | cs_post_len | POST length | %cqpl |
| String | user | User | %puid |
| String | info | Info | %info |