How do I add the destination/server IP (R-IP) Field to a Reporter Database?
search cancel

How do I add the destination/server IP (R-IP) Field to a Reporter Database?


Article ID: 165978


Updated On:




By default, the Reporter log format on the ProxySG (bcreportermain_v1) does not log the destination IP address. Because the ProxySG does not log this by default, the log format will need to be modified to include it.



To display the destination/server IP address in your Reporter reports, perform the following:

Instruct the ProxySG appliance to log the destination IP address in its access logs

Log into the ProxySG appliance Management Console (https://<proxysg>:8082/) and create a new access log format, which is the string of variables that instructs the ProxySG appliance how to format the details about each client connection that it records.

1. In the Management Console, select Configuration > Access Logging > Formats.

2. Click New and name this format. For the demonstration in this article, it's named my_new_format.

3. Ensure that W3C Extended Log File Format is selected and paste this string over the top of the default string that exists in the field (this string is an identical copy of bcreportermain_v1, but contains r-ip at the end, which is the destination IP field):

date time time-taken c-ip cs-username cs-auth-group s-supplier-name s-supplier-ip s-supplier-country s-supplier-failures x-exception-id sc-filter-result cs-categories cs(Referer)  sc-status s-action cs-method rs(Content-Type) cs-uri-scheme cs-host cs-uri-port cs-uri-path cs-uri-query cs-uri-extension cs(User-Agent) s-ip sc-bytes cs-bytes x-virus-id cs-threat-source cs-threat-id rs-threat-source rs-threat-id x-bluecoat-application-name x-bluecoat-application-operation x-bluecoat-application-groups cs-threat-risk x-bluecoat-access-security-policy-action x-bluecoat-access-security-policy-reason x-bluecoat-transaction-uuid x-icap-reqmod-header(X-ICAP-Metadata) x-icap-respmod-header(X-ICAP-Metadata) r-ip

4. Click OK; click Apply.

5. Go to Configuration > Access Logging > General and note which is the Default Log for HTTP.

6. Go to Configuration > Access Logging > Logs and select the General Settings tab.

7. From the Log drop-down list, select the name of the Default Log that you found in Step 5.

8. In the Log Format field, select the new access log that you created in Step 2. Click Apply. You are prompted with a message that warns you about changing the log formats. This error message is informing you that the ProxySG appliance  will not create a new log file for this log and that the file might have data written in both the old format and the new one. This will not cause an error with your log file; it is an informational warning. Click OK and then click Apply.

The ProxySG appliance is now configured to log the destination IP address at the end of each access log entry.