You have uploaded ProxySG logs to your Web Security Service (WSS) account with the Hosted Reporting functionality. Upon reviewing the logs, you note that verdict is always shown as ALLOW even though the logs have data for DENIED accesses.
This issue is caused because the field "x-exception-id" is missing from the ProxySG logs. The Web Security Service uses this field to correctly show the verdict.
This field is included automatically in the following ProxySG default logs: bcreportermain_v1, bcreporterstreaming_v1, and bcreporterssl_v1
If you are using a custom log, you will need to manually include "x-exception-id" field.