Configure a URL Filtering profile that logs HTTP header
attributes included in web requests for more visibility into the
content your users are accessing.
Where can I use
What do I need?
Advanced URL Filtering license (or a legacy URL filtering
Legacy URL filtering licenses are discontinued, but
active legacy licenses are still supported.
Prisma Access licenses usually include Advanced URL
URL filtering provides visibility and control over web traffic
on your network. For improved visibility into web content, you can
configure the URL Filtering profile to log HTTP header attributes
included in a web request. When a client requests a web page, the
HTTP header includes the user agent, referer, and x-forwarded-for fields
as attribute-value pairs and forwards them to the web server. When
enabled for logging HTTP headers, the firewall logs the following
attribute-value pairs in the URL Filtering logs.
You can also use HTTP headers to manage access
to SaaS applications. You don’t need a URL Filtering license to
do this, but you must use a URL Filtering profile to turn this feature
The web browser that the user used to access
the URL, for example, Internet Explorer. This information is sent
in the HTTP request to the server.
The HTTP header does not
contain the full string for the User Agent. The maximum logged bytes
from the packet preceding the packet containing the header-end is
The URL of the web page that linked the
user to another web page; it is the source that redirected (referred)
the user to the web page that is being requested.
The option in the HTTP request header field
that preserves the IP address of the user who requested the web page.
If you have a proxy server on your network, the XFF allows you to
identify the IP address of the user who requested the content, instead
of only recording the proxy server’s IP address as source IP address
that requested the web page.
The type of header and the text of the header
that the firewall inserts.