I am using a Custom denied page for my denied and blocked verdicts, causing some content to be missed in my Blocked Websites Report.
Other affected Reports that this issue affects are:
Reporter, by default, reports on verdicts with the word "denied" in the text string name. Reporter may not catch the text used in the custom made denied page, when it searches for content that is denied. Consequently, if you are using a custom denied page, some reports may not show the denied content. Those reports that do not work would be those trigger off the text "denied" as a means to find denied, or blocked content.
There are two solutions for this:
1: Redesign your SG policy to include the text "denied" somewhere in custom verdict for blocked web sites.
Note: This will only affect new data that is processed into the Reporter database.
2: Create a new custom report with the verdicts that are showing up as denied, and use that report for your blocked Web sites report.
Note1: Follow the same steps above for each report that is affected.
Note2: The dashboard can be re-configured to carry this report, instead of the pre-defined one.
Note3: More information on all the potential verdicts that a SG may include in it's access log can be found here:
NOTE4: In some customers cases, even though their verdicts do carry the word denied in them, the reports will show as empty. This is because, the customer is also populated the x-exception-id . The impact is that if the log files contain value for the x-exception-id field, we see a different set of values in the option dropdown list, compared to log files that have null x-exception-id field (in which case sc-filter-result field is used to populate the dropdown box).