Blue Coat SG Sample Event Messages
Use these sample event messages to verify a successful integration with JSA.
Note:
Due to formatting issues, paste the message format into a text editor and then remove any carriage return or line feed characters.
Blue Coat SG Sample Message when you use the Syslog Protocol
The following sample event message shows that access was denied by a filter.
2016-11-07 13:13:54 44 172.28.51.1 407 TCP_DENIED 2251 492 GET http clients5.example.com 80 / complete/search ?hl=de-DE&q=t&client=ie8&inputencoding=UTF-8&outputencoding=UTF-8 - - - - - "Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko" DENIED "Search Engines/Portals" - 192.168.165.34
JSA field name |
Highlighted values in the event payload |
---|---|
Event ID |
TCP_DENIED |
Event Category |
For this DSM, the value in JSA is always WebProxy |
Source IP |
172.28.51.1 |
Destination IP |
192.168.165.34 |
Destination port |
80 |