The Blocked Web Access Log screen displays information for Web Reputation queries
that return
malicious results. These are the options available on this screen.
-
Keyword: Specify keywords to use when searching for URLs.
-
Date Range: Select a date range.
-
Display Log: Use the following to filter your log query:
-
All: Displays logs of all blocked sites.
-
Blocked: Displays logs of sites that were blocked because the sites
matched an entry on the user-defined, blocked URL list.
-
Virtual Analyzer C&C: Displays logs of sites that were blocked
because the sites matched a URL or IP address on the Virtual Analyzer C&C list.
-
Web blocking: Displays logs of sites that were blocked because the
sites matched an URL or IP address on the Web blocking list and Global Intelligence
C&C
list.
-
C&C List Source: Displays logs of sites that were blocked because
it is in the Global Intelligence or Virtual Analyzer list.
Log Details:
-
Date and time: The date and time of the blocked URL event.
-
URL: The URL that was blocked by Web Reputation.
-
Filter: The list that triggered blocking the URL or IP address. This
could be the user-defined blocked URL list, Virtual Analyzer C&C list, or the Trend
Micro
Web Blocking List.
-
C&C List Source: This can either be the Global Intelligence list
or the Virtual Analyzer list.
-
Client GUID: The GUID of the computer that attempted to access the
blocked URL.
-
Server GUID: The GUID of the Trend Micro product that supports Smart Protection Servers.
-
Client IP: The IP address of the computer that attempted to access
the blocked URL.
-
Computer: The name of the computer that attempted to access the
blocked URL.
-
User: The endpoint user name.
-
Domain: The domain name of the endpoint.
-
Product Entity: The Trend Micro product that detected the URL.