topic IOS Zone Based Firewall URLvisited logging in Network Security https://community.cisco.com/t5/network-security/ios-zone-based-firewall-urlvisited-logging/m-p/5053848#M1110543 <P>Hello, for reasons of compliance we are required to syslog URL visited.</P><P>With the config below (not full) I am able to see the IP visited, and this only for http.</P><P>Is there a way to syslog the http and https URLs ?</P><P>parameter-map type urlf-glob PERMITTEDSITES<BR />pattern *</P><P>class-map type urlfilter match-any BLOCKEDSITES<BR />match server-domain urlf-glob BLOCKEDSITES<BR />class-map type inspect match-any HTTP</P><P>class-map type inspect match-any INSIDE-TO-OUTSIDE-CLASS<BR />match access-group name INSIDE-TO-OUTSIDE</P><P>policy-map type inspect urlfilter CONTENT-FILTERING<BR />class type urlfilter BLOCKEDSITES<BR />log<BR />allow<BR />class type urlfilter PERMITTEDSITES<BR />allow<BR />log<BR />policy-map type inspect INSIDE-TO-OUTSIDE-POLICY<BR />class type inspect HTTP<BR />inspect<BR />service-policy urlfilter CONTENT-FILTERING<BR />class type inspect HTTPS<BR />inspect<BR />class type inspect DNS<BR />inspect<BR />class class-default<BR />pass</P><P>Which produces logs of the type:</P><P><SPAN>&lt;190&gt;2719: *Mar 31 13:35:11.239: %URLF-6-SITE_ALLOWED: (target:class)-(IN-TO-OUT:HTTP):Client 10.XXX.XXX.237:63774 accessed server 146.75.118.172:80</SPAN></P><P>Thanks in advance.</P><P>&nbsp;</P> Sun, 31 Mar 2024 14:42:21 GMT Tony_S 2024-03-31T14:42:21Z IOS Zone Based Firewall URLvisited logging https://community.cisco.com/t5/network-security/ios-zone-based-firewall-urlvisited-logging/m-p/5053848#M1110543 <P>Hello, for reasons of compliance we are required to syslog URL visited.</P><P>With the config below (not full) I am able to see the IP visited, and this only for http.</P><P>Is there a way to syslog the http and https URLs ?</P><P>parameter-map type urlf-glob PERMITTEDSITES<BR />pattern *</P><P>class-map type urlfilter match-any BLOCKEDSITES<BR />match server-domain urlf-glob BLOCKEDSITES<BR />class-map type inspect match-any HTTP</P><P>class-map type inspect match-any INSIDE-TO-OUTSIDE-CLASS<BR />match access-group name INSIDE-TO-OUTSIDE</P><P>policy-map type inspect urlfilter CONTENT-FILTERING<BR />class type urlfilter BLOCKEDSITES<BR />log<BR />allow<BR />class type urlfilter PERMITTEDSITES<BR />allow<BR />log<BR />policy-map type inspect INSIDE-TO-OUTSIDE-POLICY<BR />class type inspect HTTP<BR />inspect<BR />service-policy urlfilter CONTENT-FILTERING<BR />class type inspect HTTPS<BR />inspect<BR />class type inspect DNS<BR />inspect<BR />class class-default<BR />pass</P><P>Which produces logs of the type:</P><P><SPAN>&lt;190&gt;2719: *Mar 31 13:35:11.239: %URLF-6-SITE_ALLOWED: (target:class)-(IN-TO-OUT:HTTP):Client 10.XXX.XXX.237:63774 accessed server 146.75.118.172:80</SPAN></P><P>Thanks in advance.</P><P>&nbsp;</P> Sun, 31 Mar 2024 14:42:21 GMT https://community.cisco.com/t5/network-security/ios-zone-based-firewall-urlvisited-logging/m-p/5053848#M1110543 Tony_S 2024-03-31T14:42:21Z Re: IOS Zone Based Firewall URLvisited logging https://community.cisco.com/t5/network-security/ios-zone-based-firewall-urlvisited-logging/m-p/5054481#M1110558 <P>There is command ""alert"" check it</P> <P>MHM</P> Mon, 01 Apr 2024 17:57:21 GMT https://community.cisco.com/t5/network-security/ios-zone-based-firewall-urlvisited-logging/m-p/5054481#M1110558 MHM Cisco World 2024-04-01T17:57:21Z