Is it possible to track pages under a domain, not the domain itself?

KRMCCisco
Level 1

We would like to track the users of some popular AI chat pages. One of these is a page under a large domain, as in www.domain.com/chat. We have created a custom URL category to track this traffic, but I can't use the domain by itself; I need the /chat page. The regular expression that we have created isn't working to capture those hits, and none of the documentation I can find mentions tracking pages, just domains or subdomains.

Is it possible to track pages and not the domain in the WSAs?

3 Replies

amojarra
Cisco Employee

Hello @KRMCCisco 

 

So if the traffic is HTTPS and you are using transparent redirection, you cannot read the URI unless you decrypt the traffic; WSA will know the URL from the certificate or from the T1/T2 interface if configured.

So you need to first create a rule to decrypt the traffic for that URL, then block in the Access Policy for that URI.

But if you are using an explicit proxy deployment, WSA will know the whole URI. In this case, if the custom category is not hitting:

[1] Please check the access logs to see which category it is hitting (you can see that in the Web Tracking report as well).

[2] You can also put the custom category at the top of the list, since WSA reads the categories from top to bottom.

 

 

Regards,

Amirhossein Mojarrad

+++++++++++++++++++++++++++++++++++++++++++++++++++

++++        If you find this answer helpful, please rate it as such      ++++

+++++++++++++++++++++++++++++++++++++++++++++++++++
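
A small model of the visibility point in the answer above, added here as an example; it is not part of the thread and not Cisco code. It assumes what the answer states (transparent HTTPS without decryption exposes only the host name; decrypted, plain-HTTP and explicit-proxy requests expose the whole URI), uses Python's `re` as a stand-in for the appliance's regex engine, and all URLs, names and patterns are constructed.

```python
import re
from urllib.parse import urlsplit

# Constructed sample requests (hypothetical hosts), not real log data.
REQUESTS = [
    "https://www.domain.com/chat",
    "https://www.domain.com/chat/session/42",
    "https://www.domain.com/news",
    "https://chat.example.org/",
    "http://www.domain.com/chat?lang=en",
]

# Hypothetical page-level pattern: escaped dots, anchored to the /chat path.
PAGE_RE = r"(^|\.)domain\.com/chat(/|\?|$)"


def visible_to_proxy(url, transparent, decrypted):
    """Return the string a URL-category regex can be tested against.

    Assumption taken from the thread: only transparent HTTPS that is not
    decrypted hides the path; every other case exposes host + path + query.
    """
    parts = urlsplit(url)
    if parts.scheme == "https" and transparent and not decrypted:
        return parts.hostname
    query = f"?{parts.query}" if parts.query else ""
    return f"{parts.hostname}{parts.path}{query}"


def count_hits(pattern, urls, transparent, decrypted):
    """Count requests whose visible string matches the category regex."""
    rx = re.compile(pattern)
    return sum(
        1 for u in urls if rx.search(visible_to_proxy(u, transparent, decrypted))
    )


if __name__ == "__main__":
    for label, t, d in [("transparent, no decryption", True, False),
                        ("transparent, decrypted", True, True),
                        ("explicit proxy", False, False)]:
        print(f"{label:28s} page regex: {count_hits(PAGE_RE, REQUESTS, t, d)}"
              f"   bare 'chat': {count_hits('chat', REQUESTS, t, d)}")
```

Without decryption the path-anchored pattern only counts the plain-HTTP request, while a bare `chat` pattern also matches an unrelated host name, so a loose regex can inflate the count it was written to produce.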


We are using transparent.

To be clear, we don't want to block the traffic; we simply want a count of the number of visits to the specific page. Now, looking again, we are decrypting that custom URL category - but we still aren't seeing a count for the /chat, only for the other site within that custom category.

amojarra
Cisco Employee

Hello @KRMCCisco 

Thank you for the clarification. 

Could you please double-check whether the same category is in the Access Policy as well?

This is because when traffic hits the Decryption Policy, it is then redirected to the Access Policy, and the final category that the traffic hits in the Access Policy will be listed in the Web Tracking report.

For example, if I create a custom URL category with the regex: wsa

and:

[1] just put it in the Decryption Policy and set it to decrypt.

When I browse: https://www.cisco.com/c/en/us/td/docs/security/wsa/wsa-15-0/release-notes/release-notes-for-wsa-15-0.html#Cisco_Concept.dita_fb3000c1-7154-4ca1-a963-ad7a18acd50e

it will hit the custom category for decryption, then it will hit "Business and Industry" for the Access Policy, so in the Web Tracking report there is no record for that.

[2] If I put the same category in the Access Policy as well, let's say to monitor, then I can see that in the Web Tracking report.

 

Regards,

Amirhossein Mojarrad

+++++++++++++++++++++++++++++++++++++++++++++++++++

++++        If you find this answer helpful, please rate it as such      ++++

+++++++++++++++++++++++++++++++++++++++++++++++++++

 

 
