I applied the default "basic file blocking" profile to the policy that allows users to access the Internet.
In the "Data Filtering" monitor I can see few files being blocked (EXE files for example), but I can't see the full URL of that file (the "File URL" column is all blank).
The goal is to understand if the root URL can be white-listed.
Could you please help ?
In the Unified logs view you can add the URL column by howvering your mouse over any of hte fileds and waiting for the down arrow, then just follow the path. Another thing to look at would be the maginfying glass icon on the far left of the logs, those will show the different parts of hte session.
Hope that helps.
Sorry about that, after you replied I check my logs and saw the same thing. Since you are looking for safe domains, I would make sure you have the following enabled:
If all those are configured properly then probably the domain is most likely safe.
Hope that helps.
old post, but it appeared first in my google search for this issue
If you disable the "Log container page only" setting under the profile(s) you use under Objects - Security Profiles - URL Filtering you should see the File URLs in the Data filtering logs. This will also cause a substantial increase in URL filtering logs...
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!