Health checks are cluttering the Cloud Secure Web Gateway (Cloud SWG) (formerly Web Security Service (WSS)) access log, causing confusion and distractions.
When setting up your Edge Secure Web Gateway (Edge SWG) (formerly ProxySG) appliance to forward traffic to the Cloud SWG, the Edge SWG appliance automatically configured health checks for the forwarding entries and hosts. By default, this health check traffic appears in the Cloud SWG access log. These health checks are all L4 health checks and the Cloud SWG cannot distinguish L4 health checks from user requests.
For example, you configure a forwarding host named “WSSHTTP8080” on the Edge SWG appliance. When this host forwards traffic to the Cloud SWG, the Cloud SWG creates a health check entry called “fwd.WSSHTTP8080”. Because this health check is an L4 health check, the Cloud SWG treats the health check like a user request by creating an entry in the access log.
To enable the Cloud SWG to distinguish health checks from user requests, modify the L4 health checks to be L7 health checks. To modify the health checks, on the Edge SWG appliance, use the CLI command
The following example CLI commands show port 8080 being set to http://healthcheck.threatpulse.net/ for a forwarding host named “WSSHTTP8080”.
#(config health-check)edit fwd.WSSHTTP8080
#(config health-check fwd.WSSHTTP8080)type http http://healthcheck.threatpulse.net/
For more information, see the #(config health-check) command in the CLI Reference.