Web filter Page

Use this page to view detailed information about web filtering activity regarding user and group activity, source IPs, requested URLs, categories of web content requested, and domains recorded.

Note: To view these web filter logs, you need a Smoothwall Filter license for the Guardian module.

Navigation: REPORTS > Logs > Web filter.

Web filter
Export Downloads a .CSV file in your browser automatically that contains the data displayed in the table.
«Earlier Scrolls the data to an earlier point time.
Realtime Shows data for activities that are happening now.
Later» Scrolls the data to a later point time.
Date and time The current date and time. Click in the box to open the date picker so that you can choose a specific date.
Advanced » Expands to show the Show table columns section so that you can select the table columns to display or clear the selection to hide the column. To collapse the section, click « Advanced.

Note: Some of these columns might not show. You need to click Advanced » to show or hide columns.

Web filter
Time When the activity took place.
Username The usernames of users making web requests.
Source IP The source IP addresses that web requests are coming from. When you enter the IP address you might get a lot that contain your entered number. To reduce the amount of results, you can click the column header to select the Exact option that you can select.
Group The logs for groups of users.
Code The HTTP response status code.
URL

The URLs of the requested web resources. When content matches a web filter policy, the Smoothwall Filter and Firewall displays a link to the policy.

  • Images — Excludes all images.
  • JavaScript — Excludes JavaScript resource requests.
  • CSS — Excludes CSS resource requests.
  • User defined — A regular expression to find and exclude a web resource.
Category

The categories a request was categorized as being in. Depending on how the request was categorized, the Smoothwall Filter and Firewall might also display the following status information:

  • Infected - Malware was found in the content. The name of the malware found shown.
  • Denied - Access to the content was denied. The names of the categories that caused the request to be denied is shown.

Multitenant licensed systems don't see the tenant name for tenant-specific categories in this column because it reports the category as used by the Smoothwall Filter categorization methods, which doesn't include the tenant information.
Policy Indicates the web filtering policy applied to the content. Categories and category groups from multitenant licensed systems are prefixed with the tenant name in the Policy column.
Domain The log entries recorded against domains.
Server Name Indication (SNI) Indicates when a HTTPS request hasn't included a Server Name Indication (SNI) in its header. If a HTTPS request with no Server Name Indication (SNI) fails, the Code displays 0.