search cancel

Cannot change PII settings to match what is required from customer

book

Article ID: 257139

calendar_today

Updated On:

Products

Cloud Secure Web Gateway - Cloud SWG

Issue/Introduction

Cloud SWG Portal provides a number of different combinations in terms of suppressing information written to log files. 

What happens if the admin requires privacy settings that are not available in Portal e.g. if we want to suppress the user and group information, but log the device information in clear text which is not one of the options below.

Are there additional options to provide more granular PII settings?

Environment

PII settings within Cloud SWG Portal.

 

Cause

Portal limitation.

Resolution

If Cloud WSG is administered through UPE, then we can simply add CPL statements to suppress any fields 

For Portal based administrator, contact Broadcom support to have the changes made on the back end. In the above example and selecting to suppress the user/group/device information, we added the following change to avoid suppressing the device information:

<Proxy PutDeviceNameBack>
    log.rewrite.x-client-device-name( "$(x-client-device-name)" )

<Proxy PutDeviceIdBack>
    log.rewrite.x-client-device-id( "$(x-client-device-id)" )

 

Additional Information

With the changes, the access log entries show the user/group info suppressed (Orange), but the device ID (green) is in clear text.

12345 2022-11-21 09:51:56 "DP2-GDKCP1_proxysg1" 178 94.26.223.130 "Suppressed" "/l5QT+9THDaupKy0FzhMn8s=" GOoemu5wVp61k65iPvfqsgVf9xmX+388= "Suppressed" - OBSERVED "Shopping" - 200 TCP_NC_MISS GET text/plain https collector.hifiklubben.dk 443 /g/collect ?v=2&tid=G-L169VKKGCN&gtm=2reb90&_p=2082124206&tt=dk&cid=2040237574.1668194130&ul=da-dk&sr=1920x1200&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B104.0.5112.81%7C%2520Not%2520A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B104.0.5112.81&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&_eu=EA&_s=1&sid=1669024287&sct=8&seg=1&dl=https%3A%2F%2Fwww.hifiklubben.dk%2Ftv-surround%2F&dt=TV%20%26%20Surround&en=page_view&ep.event_id=402788A5-9AA2-49D8-97A9-FEC23B34D424&up.Country=Denmark&richsstsse - "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36" 192.168.2.84 793 2504 - cas_group - "{ %22expect_sandbox%22: false }" no - - - 0 "client" client_connector "-" "-" 216.239.34.21 "United States" CERT_VALID none - - TLSv1.3 TLS_AES_128_GCM_SHA256 128 collector.hifiklubben.dk "Shopping" TLSv1.3 TLS_AES_128_GCM_SHA256 128 "Suppressed" ICAP_NOT_SCANNED - ICAP_NO_MODIFICATION - 216.239.38.21 "United States" - "Denmark" 3 3 wss-agent architecture=x86_64%20name=Windows%2010%20Enterprise%20version=10.0.19042 8.1.1.17497 194.126.223.130 ac8dc379-1ae5-487f-b3d4-9dbfdc16d487 ID-7261 - - - - SSL_Intercept_1 - - - - - c1123429da12e05d-0000000009e7f84a-00000000637b4a3b 148.64.14.71 148.64.14.71 "DK" "Denmark" - - -

Attachments