Configuring Extended Log Options

Use the extended log options page to control log entry content, log rollover, and old file options. A log entry always includes the date, time, and client IP address for each entry, but with the log data options, you can add other fields such as the IP address of the server and the username of the client.

Access Gateway does not allow active log files to be deleted. Only log files that have been closed can be deleted. The rollover options allow you to control when a file is rolled over and closed, and a new file is created. The old file options allow you to control when the rolled-over log files are deleted.

To configure an extended log file for a selected proxy service:

Click Devices > Access Gateways > Edit > [Name of Reverse Proxy] > [Name of Proxy Service] > Auditing and Logging > [Name of Extended Log Profile].

Select one or more of the log data options:

Name	Description	Entry in Configuration File	Sample Entry in the Log file
User Name	The name of the user sending the request.	%u	"public”,”cn=admin,o=novell"
Server IP	The IP address of Access Gateway.	%a	123.1.2.3
Site Name	The name of the reverse proxy.	%v	www.lagssl.com
Method	The HTTP method the browser sent to Access Gateway.	%m	GET,POST
URI	The HTTP URL the browser sent to Access Gateway.	%U	nam/acme_ss_js7.html
URI Stem	The stem portion of the HTTP URL the browser sent to Access Gateway. The stem is everything in the URL up to the first question mark. If the URL has no question mark, the URI Stem field is the same as the URI field. URI Stem is redundant if URI is selected.		/path/to/resource
URI Query	The query portion of the HTTP URL the browser sent to Access Gateway. The query is everything from the first question mark through the end of the URL. If the URL has no question mark, this field has no value. URI Query is redundant if URI is selected.	%q	?page=catalog&x=100&y=0
Version	The HTTP version specified in the URL the browser sent to Access Gateway.		HTTP/1.1, HTTP/2
Status	The HTTP status code Access Gateway sent to the browser.	%s	200, 304, 404
Bytes Sent	The number of bytes of HTTP response data Access Gateway sent to the browser.	%I	14378
Bytes Received	The number of bytes of HTTP request data the proxy service received from the browser.	%O	14378
Time Taken	The time it took Access Gateway resources to deal with the request in microseconds.	%D	0.062, 0.392, 2, 802.1
User Agent	The User-Agent HTTP request header value the browser sent to Access Gateway.	%{user-agent}i	Mozilla/5.0 (X11; Linux x86_64; rv:19.0) Gecko/20100101 Firefox/19.0
Cookie	The Cookie HTTP request header value the browser sent to Access Gateway. Access Gateway does not’ cache cookie information. Cookies can consume a lot of space. If you select this option, make sure it contains the critical information that you need.	%{cookie}	IPCZQX0355730a2b=01001300a463874a93ef23e89e9acc94468beb4b; ZNPCQ003-37323400=c2e51552
Referer	The Referer HTTP request header value the browser sent to Access Gateway.	%{Referer}	https://www.lagssl.com/netiq/nam/acme_ss_js7.html
Cached Status	The value indicates whether the request was filled from cache. 1 = filled from cache 0 = not filled from cache		0,1
Origin Server	The IP address of the web server. This assumes Access Gateway retrieved the requested information directly from the web server.	%{BALANCER_WORKER_IP}e	125.1.2.5
X-Forward-For	The X-Forwarded-For HTTP request header value the browser sent to Access Gateway. Do not confuse this with the X-Forwarded-For option, which causes Access Gateway to generate or forward headers to upstream proxies or web servers.	%{x-forward-for}i	10.0.0.1,10.0.02,10.0.03,10.0.0.4
Bytes Filled	The total bytes filled in response to the request.	%I	184
Content Range	The byte ranges sent from Access Gateway to a requesting browser.	%{Content-Range}o
E Tag	The tag sent from Access Gateway to a requesting browser.	%{ETag}	604888-1077-466372c0
Completion Status	The completion status for the transaction, indicating that it completed successfully or that it failed. Possible values: success, timeout, reset (the client terminated the connection), administrative (Access Gateway terminated the connection).	%X	success, timeout, reset
Reply Header Size	The size in bytes of the HTTP header associated with a response to a client.	%L	361
X Cache Info	Brief status statement for cached objects; brief reasons why an object was not cached.	%{Cache-Control}o	no-store
Range	The Range header value.	%{Range}o
If Range	The If Range header value, which indicates whether the browser request was a conditional range request.	%{If-Range}	bytes 0-200/736
Content Length	The size in bytes of the entire object delivered to a requesting browser.	%O	741
Request Pragma	The pragma value associated with a browser request.	%{Pragma}o	No-cache , no-store
Reply Pragma	The pragma value associated with a server response to a requesting browser.	%{Pragma}i	no-cache

Select one of the following rollover options:

Rollover When File Size Reaches: Rolls the file when it reaches the specified number of megabytes.

Rollover every: Rolls the file at the specified interval. Specify the interval in hours or days.
- beginning: Specifies the day that the interval should be begin. You can select a day of the week or the first of the month.
- at: Select the hour of the day that the interval should begin and the time zone (either the local time zone or GMT).
Select one of the following old file options:

Limit Number of Files to: Allows you to limit the number of old log files on the system to the number specified in this option. The oldest file is automatically deleted when this number is reached. All logging data in deleted files is lost.

Delete Files Older Than: Allows you to configure Access Gateway to delete files when they are older than the time you specify. All logging data in deleted files is lost.

Do Not Delete: Prevents the system from automatically deleting the log files. A maximum of 65535 files can be stored for a proxy service when you select this option.
Click OK.
Click Access Gateways > Update > OK.