Skip to content

Websense Web Security

Constructor : Websense

Product : Websense Web Security

Log format : structured

Structured log message :

vendor=Websense product=Security product_version=8.0.1 action=permitted severity=1 category=201 user=\" OU=Users,OU=FR,DC=eu,DC=doer,DC=local/Name Surname\" src_host=11.12.50.180 src_port=59891 dst_host=30.250.200.60 dst_ip=30.250.200.60 dst_port=80 bytes_out=242 bytes_in=505 http_response=200 http_method=GET http_content_type=application/octet-stream http_user_agent=Mozilla/4.0(compatible;_MSIE_6.0;_DynGate) http_proxy_status_code=200 reason=- disposition=1026 policy=Super_Administrator**Default role=8 duration=10 url=http://37.252.225.67/din.aspx?s=19376411&client=DynGate&p=10075244

Constructor field LMC field
[src_host] [init][host][ip]
[src_host] [init][host][name]
[src_port] [init][host][port]
[http_user_agent] [init][useragent]
[dst_host] [target][host][name]
[dst_ip] [target][host][ip]
[dst_port] [target][host][port]
[url] [target][uri][full]
[category] [target][uri][category]
[http_method] [app][method]
[http_content_type] [app][header][content_type]
[http_response] [app][return][code]
[http_proxy_status_code] [alarm][name]
[bytes_in] [session][in][byte]
[bytes_out] [session][out][byte]
[duration] [session][duration]
[action] [websense][action]
[reason] [websense][reason]
[role] [websense][role]
[policy] [rule][name]
[severity] [alarm][sev]
[product] [websense][product]
[product_version] [websense][product_version]
[disposition] [websense]

Test unit :

unit_1.json