Web log, 14 web log – Kerio Tech KERIO WINROUTE FIREWALL 6 User Manual

Page 281

Advertising
background image

22.14 Web Log

281

3000-3999

— warning from individual WinRoute modules (e.g. DHCP server, anti-virus

check, user authentication, etc.)

4000-4999

— license warnings (subscription expiration, forthcoming expiration of

WinRoute’s license, Kerio Web Filter license, or the McAfee anti-virus license)

Note: License expiration is considered to be an error and it is logged into the Error log.

Examples of Warning logs

[15/Apr/2008 15:00:51] (3004) Authentication subsystem warning:

Kerberos 5 auth:

user [email protected] not authenticated

[15/Apr/2008 15:00:51] (3004) Authentication subsystem warning:

Invalid password for user admin

[16/Apr/2008 10:53:20] (3004) Authentication subsystem warning:

User jflyaway doesn’t exist

The first log informs that authentication of user jsmith by the Kerberos system in the

company.com

domain failed

The second log informs on a failed authentication attempt by user admin (invalid

password)

The third log informs on an authentication attempt by a user which does not exist

(johnblue)

Note: With the above three examples, the relevant records will also appear in the Security

log.

22.14 Web Log

This log contains all HTTP requests that were processed by the HTTP inspection module (see

section

14.3

) or by the built-in proxy server (see section

8.4

). Unlike in the HTTP log, the Web

log displays only the title of a page and the WinRoute user or the IP host viewing the page. In

addition to each URL, name of the page is provided for better reference.

For administrators, the Web log is easy to read and it provides the possibility to monitor which

Websites were opened by each user.

How to read the Web Log?

[24/Apr/2008 10:29:51] 192.168.44.128 james

"Kerio Technologies" http://www.kerio.com/

[24/Apr/2008 10:29:51]

— date and time when the event was logged

192.168.44.128

— IP address of the client host

james

— name of authenticated user (if no user is authenticated through the client

host, the name is substituted by a dash)

"Kerio Technologies"

— page title

(content of the <title> HTML tag)

Advertising
Popular Brands
Popular manuals