Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1845
Views
0
Helpful
2
Replies

Information to Access-Log on WSA

podhovnik
Level 1
Level 1

‎01-25-2011 05:38 AM

Hi,

I have a question about the WSA access-log. There are a lot of "skipped" markings in the log.

What does that mean?

1295865776.044 118 10.100.1.221 TCP_MISS/200 21615 GET http://eicar.org/image/about_us/hgk_about_us.jpg - DIRECT/eicar.org image/jpeg DEFAULT_CASE_11-normal_User-normal_user-NONE-NONE-NONE-DefaultGroup <Comp,-,"Skipped","-",-,-,-,"Skipped","-",-,-,-,"-","Skipped",-,"-","-",-,-,Comp,-,"-","-","-","-","-","-",1465.42,0,-,"-","-"> -

1295865780.566 88 10.100.1.221 TCP_DENIED/403 2244 GET http://www.eicar.org/download/eicar.com - DIRECT/www.eicar.org application/octet-stream BLOCK_AMW_RESP_11-normal_User-normal_user-NONE-NONE-NONE-DefaultGroup <Comp,-,"Skipped","-",-,-,-,"Virus","-",0,1,6,"EICAR test file","Skipped",-,"-","-",-,-,Comp,-,"Virus","-","-","-","-","-",204.00,0,-,"-","-"> -
secproxy1.intra.graz.at>

regards

Andreas

1 person had this problem
Labels:
0 Helpful
2 Replies 2

mart.pirita
Level 1
Level 1

‎02-02-2011 06:11 AM

Are You using or .

I'm using and it shows:

IW_csec,-,"Unknown","-","Unknown","Unknown","-","-",462.00,0,-,"-","-">

Seems Your does not handle categorization and skips that part.

0 Helpful

jowolfer
Level 1
Level 1

‎02-03-2011 08:24 AM

The first log line is for a .jpg image. Images are not sent through the scanning engines, so the engines were "skipped".

The second one was matched and detected by Mcafee. A decision to block the file was made after this detection, so the other scanning engines were skipped.

0 Helpful
Customers Also Viewed These Support Documents