To view a Security Proxy Server Report, you must first install and configure at least one Security Proxy server -- and be sure the activation file is installed (as described in the Management and Security Server Installation Guide).
After you install the Security Proxy server, refer to Using the Security Proxy Server to configure sessions to use the Security Proxy.
To view a report of the Security Proxy server activity, select a Report Type, a Security proxy server, and click Show Report. Note: To add servers to the drop-down list, use the Configure Settings - Security Proxy panel to import a Security Proxy server.
Report types:
This report shows the date and time the report was created and the total number of current connections. The default view shows these results:
Start Time: The time the session connected.
Accepted At: The proxy IP address and port number on which the connection was accepted.
Source: If Resolve client machine DNS name is off (the default), this column shows the client's IP address and port number. If client name resolution is on, the client's DNS name and port are displayed.
Destination: If Resolve remote host DNS name is on (the default), this column shows the destination host's DNS name and port number. If host name resolution is off, the host's IP address and port are displayed.
Authorization: The user or group ID under which the connection was authorized and the web server which authorized the user or group. The format is <distinguished name>/<web server name>.
For example, if the access control model is None (end users log on as guest) and the server name is "hostname.example," the Authorization column displays rwebgroup=guest/hostname.example.com.
Use the Column Chooser to view more results:
ID: The connection identification code. A code is assigned to each active connection at the time the connection is made. The code is constructed from the proxy instance number (p), the thread number (t), the connection number (c), and for FTP connections the session number (s). For example, a code for an FTP connection might be p1t52c8s8: proxy instance 1, thread 52, connection 8, session 8.
Client In: The total number of bytes read from the host during this connection.
Server Out: The total number of bytes written to the host during this connection.
Security: The TLS version and the cipher suite.
Protocol: The protocol (Emulation, FTP, or Pass Through) used in the connection. For FTP connections, the column also shows whether the control channel or active data transfer was involved.
For the selected Security Proxy server, this report shows each event that occurred from the time the first entry was written in the active log file to the time the report was requested.
Note that by default, the log file has a maximum size of 500 KB; when that size is reached, a new active log is started and this report shows activity from that time. You can change the maximum file size in the Security Proxy Wizard > Logging tab.
Time: The time at which the log entry was written.
Accepted At: The proxy IP address and port number on which the connection was accepted.
Source: If Resolve client machine DNS name is off (the default), this column shows the client's IP address and port number. If client name resolution is on, the client's DNS name and port are displayed.
Destination: If Resolve remote host DNS name is on (the default), this column shows the destination host's DNS name and port number. If host name resolution is off, the host's IP address and port are displayed.
Authorization: The user or group ID under which the connection was authorized and the web server which authorized the user or group. The format is <distinguished name>/<web server name>. For example, if the access control model is None (end users log on as guest) and the server name is "hostname.example," the Authorization column displays rwebgroup=guest/hostname.example.com.
Use the Column Chooser to view more results:
Priority: The priority of the log entry: Info (information), Error, Debug, Audit, or Warn.
Protocol: The protocol (Emulation, FTP, or Pass Through) used in the connection.
Security: The TLS version and the cipher suite.
Message: A short description of the event. The code in brackets at the beginning of each message identifies the action taking place on the proxy server and uses the same format as the ID shown in the Current Activity report.
This report shows the total current connections of all security proxy servers.
Security proxy address: The security proxy server and its associated port.
Security proxy current connections: Tthe count of current connections for that server.
Note: A single FTP session connecting through a security proxy server produces a count of three separate connections.