SGOS 22.214.171.124 Introduced a new feature called "Policy ID". This allows a rule to be tracked from either within policy traces and or an access logs. This is very useful for identifying how frequently certain rules are used, and can aid in improving or troubleshooting policy.
1) create one new log format "test", copy the format from " main" to "test", and add one more ELFF field "x-bluecoat-reference-id" (see admin guide for more details on this field)
2) change the default logging to "test"
3) create a policy with policy id "100"
4) if the traffic hit this rule, then access log will show "100"
If traffic hits multiple rules in different layers with policy ID set, the last matching rule with policy ID set (as shown in policy trace) will be the one shown in access log.