Troubleshooting - checking the CSP logs (standalone server)

book

Article ID: 178313

calendar_today

Updated On:

Products

Web Security.cloud

Issue/Introduction

 

Resolution

Troubleshooting - checking the CSP logs (standalone server)

By default, both the cache_store_log and access_log are disabled. You can enable either by commenting out the following two lines in the C:\ClientSiteProxy\etc\squid.conf. Then restart the proxy service.

Table: Interpreting the CSP logs

Log file

Interpretation

c:\ClientSiteProxy\var\access.log

You should be able to see the requests to the web sites that your clients request. On each line you should be able to see the domain and the user name of each user making the request.

See the example log below.

c:\ClientSiteProxy\var\cache.log

In normal operation there should be no entries that are generated in the log file apart from startup and shutdown information

Example c:\ClientSiteProxy\var\access.log

192.168.0.11 - company\administrator [11/Oct/2006:12:34:18 +1300] 
				"GET http://www.mozilla.org/images/header_tab.gif HTTP/1.0" 
    200 4816 TCP_MISS:NONE
192.168.0.11 - company\administrator [11/Oct/2006:12:34:18 +1300] 
    "GET http://www.mozilla.org/images/header_br.gif HTTP/1.0" 
    200 1064 TCP_MISS:NONE
192.168.0.11 - company\administrator [11/Oct/2006:12:34:18 +1300] 
    "GET http://www.mozilla.org/images/header_tr.gif HTTP/1.0" 
    200 984 TCP_MISS:NONE
192.168.0.11 - company\administrator [11/Oct/2006:12:34:18 +1300] 
    "GET http://www.mozilla.org/images/key-point_back.gif HTTP/1.0" 
    200 610 TCP_MISS:NONE
192.168.0.11 - company\administrator [11/Oct/2006:12:34:18 +1300] 
    "GET http://www.mozilla.org/images/header_tl.gif HTTP/1.0" 
    200 1354 TCP_MISS:NONE
192.168.0.11 - company\administrator [11/Oct/2006:12:34:18 +1300] 
    "GET http://www.mozilla.org/images/header_logo.gif HTTP/1.0" 
    200 5682 TCP_MISS:NONE