Would it be possible to have a destination / server IP field in a log? How it's could be configured?
Hello Jurij, add to the log dest_ip=IP.toString(URL.dstIP)
Beware that this property triggers a DNS lookup.
Best regards Pavel
Thank you. We'll try that
Hi
You need to enable dest ip rule in the mwgaccess3.log configuration. The rule is already there, just enable it. Go policy > log handler > mwgaccess3.log
there is a field called "dest_ip", but it does not bring back those values:
value count % 1 116 16.089% 1132 4 0.555% 1125 3 0.416% 1188 3 0.416% 1438 3 0.416% 517 3 0.416% 6647 3 0.416% 6653 3 0.416% 1008 2 0.277% 1042 2 0.277%
the props.conf has this: FIELDALIAS-dest_ip = dst AS dest_ip REPORT-dst = mwg_dst
Does the Destination IP even come over from McAfee Web Gateway?
the src_ip field works fine.
When you say add to the log, I need to ask the McAfee admins to add this?
