How to differentiate traffic by OS type (macOS versus Windows) with WSS Agent?
Article ID: 226454
Updated On:
Products
Cloud Secure Web Gateway - Cloud SWG
Issue/Introduction
How to differentiate traffic by OS type (macOS versus Windows) with WSS Agent in use?
Environment
Please note that this applies to the access method that send computer information to the service, namely SEP-CIA and WSS Agent.
Resolution
You can see from the WSS portal report that we have the Client-OS field available for reporting purpose, and you can also see from the WSS Access log documentation that this data is stored in the X-Client-os field.
This means that we can extract the OS for access method that fill this field with data, per the following CPL sample:
define variable string x_client_os ; Create a variable to store the resolved field data
<proxy>
variable.x_client_os("$(x-client-os)") ; Populate the variable with the resolved field data (requires to be in a transaction)
Then we can set a condition to match when we have an appropriate macOS or Windows string.
define condition wssa_macOS
variable.x_client_os.substring="name=macOS"
end
define condition wssa_Windows
variable.x_client_os.substring="name=Windows"
end
Finally, we can use the conditions in the sample code below, for illustration purposes only:
<proxy>
OK condition=wssa_macOS
OK condition=wssa_Windows
DENY ; Deny unsupported clients
Feedback
Yes
No
Powered by
