URL Blocking Log

Logs > Log Query > URL Blocking Log

URL blocking logs included virus, spyware, and user-defined blocking events.

• Time period—Display logs for current day, week, or month.

• Range—Choose a start and end date to define the time period for which you want to view logs (inclusive). If logs from the start date are no longer on the server (or database), the earliest available logs will be displayed.

• URLs blocked—Select from the list of blocked URLs those logs you want to display. If more than one blocking instance occurred for the same URL, all instances will be displayed.

• Protocol—Select the protocol type(s) for which you want to view logs.

• Sort by—Choose the order in which you want IWSVA to group the logs for display:

• URL—Requested URL that was blocked

• Date—The date and time the URL was blocked

• Category—Thows the security rule that triggered the block, for example which Applet and ActiveX security policy, URL filtering, or virus accomplice

• Rule—The reason a given URL was blocked, that is, the rule that caused the URL to be blocked. Examples include Virus Scan policy of blocking password-protected files, a Java security rule to block all applets, and a URL blocking rule against known phish sites

• User ID—ID of the user whose URL was blocked

• Scan Type—The module that detected the blocked URL:

• PhishTrap

• URL Filter

• URL Blocking

• OPP ID—Outbreak prevention policy ID number—only supported if IWSVA is configured to report to Trend Micro Control Manager; in other words, only if the TMCM agent for IWSVA is installed

• Protocol—Type of Web connection (HTTPS, HTTP, or FTP)

See also

• Export Logs and Reports to Excel

• How are Log Files Named?

• Important Log Notes