webkeeper-logs
Fetches WebKeeper SG web proxy logs from Elastic.
webkeeper-logs profile=PROFILE [duration=NUM{mon|w|d|h|m|s}] [from=yyyyMMddHHmmss] [to=yyyyMMddHHmmss] [offset=NUM] [limit=NUM]
- profile=PROFILE
  - The identifier of the WebKeeper SG connect profile.
- duration=NUM{mon|w|d|h|m|s}
  - Scan only recent data. Use one of the time units s (second), m (minute), h (hour), d (day), mon (month). For example, 10s means data from 10 seconds earlier.
- from=yyyyMMddHHmmss
  - Start time of the range, in yyyyMMddHHmmss format. If you omit the time part, it is padded with zeros.
- to=yyyyMMddHHmmss
  - End time of the range, in yyyyMMddHHmmss format. If you omit the time part, it is padded with zeros.
- offset=NUM
  - Skip count
- limit=NUM
  - Max output count
Output Fields
| Field | Type | Name | Description |
|---|---|---|---|
| _time | Date | Time | |
| guid | String | Log GUID | |
| agent_id | String | Agent ID | |
| user | String | User | |
| emp_name | String | Employee name | |
| dept_name | String | Department name | |
| src_ip | IP address | Source IP | |
| dst_ip | IP address | Destination IP | |
| dst_port | Integer | Destination port | |
| policy | String | Policy | |
| category_code | Long | Category code | e.g. 900010000000512 |
| category | String | Category name | e.g. Internet (general) |
| method | String | HTTP Method | e.g. GET, POST |
| domain | String | Domain | |
| path | String | Path | |
| query | String | Query string | |
| referer | String | HTTP referer | |
| file_num | Integer | File count | |
| keyword | String | Keyword | |
| post_size | Integer | HTTP post size | |
| pass_block_type | String | Block type | 0: PERMIT, 256: CATEGORY_BLOCK, 512: SIZE_BLOCK |
| post_size_limit | Integer | POST size limit | |
| dept_code | String | Department code | |
| user_guid | String | User GUID | |
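
The following Python sketch is an added example, not part of the original reference or the product's own code. It shows how rows returned by webkeeper-logs can be triaged by decoding pass_block_type and listing SIZE_BLOCK uploads for review. It assumes the rows have been exported as dictionaries keyed by the field names above; the function names and sample rows are constructed for illustration.

```python
from collections import Counter, defaultdict

# pass_block_type codes exactly as listed in the Output Fields table.
BLOCK_TYPES = {"0": "PERMIT", "256": "CATEGORY_BLOCK", "512": "SIZE_BLOCK"}


def block_label(value):
    """Map a pass_block_type value (string or integer) to its documented name."""
    code = str(value).strip()
    return BLOCK_TYPES.get(code, "UNKNOWN_" + code)


def summarize_blocks(rows):
    """Return (per-user block counts, list of SIZE_BLOCK uploads for review)."""
    per_user = defaultdict(Counter)
    size_blocked = []
    for row in rows:
        label = block_label(row.get("pass_block_type"))
        if label == "PERMIT":
            continue
        # Fall back to src_ip when the row carries no user name.
        who = row.get("user") or row.get("src_ip") or "unknown"
        per_user[who][label] += 1
        if label == "SIZE_BLOCK":
            size_blocked.append((who, row.get("domain"),
                                 row.get("post_size"), row.get("post_size_limit")))
    return {who: dict(counts) for who, counts in per_user.items()}, size_blocked


# Constructed sample rows (not real logs); only the fields used above are filled in.
SAMPLE_ROWS = [
    {"user": "kim", "src_ip": "10.0.0.5", "domain": "files.example.com", "method": "POST",
     "post_size": 52428800, "post_size_limit": 10485760, "pass_block_type": "512"},
    {"user": "kim", "src_ip": "10.0.0.5", "domain": "news.example.org", "method": "GET",
     "pass_block_type": "0"},
    {"user": "lee", "src_ip": "10.0.0.7", "domain": "games.example.net", "method": "GET",
     "pass_block_type": "256"},
    {"user": "", "src_ip": "10.0.0.9", "domain": "games.example.net", "method": "GET",
     "pass_block_type": 256},  # integer instead of string is tolerated
    {"user": "lee", "src_ip": "10.0.0.7", "domain": "games.example.net", "method": "GET",
     "pass_block_type": "256"},
]

if __name__ == "__main__":
    counts, uploads = summarize_blocks(SAMPLE_ROWS)
    for who, per_type in sorted(counts.items()):
        print(who, per_type)
    for item in uploads:
        print("SIZE_BLOCK upload:", item)
```

Codes outside the three documented values are kept under an UNKNOWN_ label rather than dropped, so an unexpected block type shows up in the summary.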