Advanced URL Filtering
Log Only the Page a User Visits
Table of Contents
Log Only the Page a User Visits
Generate log entries for only the main page a user visits
by enabling this option in a URL Filtering profile.
| Where can I use this? | What do I need? |
|---|---|
|
Notes:
|
A container page is the main page that a user accesses when visiting a website, but additional
pages might be loaded along with the main page. If the Log Container page
only option is enabled in a URL Filtering profile (URL Access Management
profile for Prisma Access), only the main container page will be logged, not
subsequent pages that may be loaded within the container page. Because URL filtering can
potentially generate a lot of log entries, you may want to turn on this option, so log
entries will only contain those URIs where the requested page file name matches the
specific mime-types. The default set includes the following mime-types:
- application/pdf
- application/soap+xml
- application/xhtml+xml
- text/html
- text/plain
- text/xml
If you enable the Log container page only option,
there may not always be a correlated URL log entry for threats detected
by antivirus or vulnerability protection.
Log Only the Page a User Visits (Strata Cloud Manager)
If you’re using Panorama to manage Prisma Access:
Toggle over to the PAN-OS & Panorama tab and follow the guidance there.
If you’re using Strata Cloud Manager, continue here.
- In a URL Access Management profile, select Log Container Page Only.Apply the URL Access Management profile to a Security policy rule.A URL Access Management profile is only active when it’s included in a profile group that a Security policy rule references.Follow the steps to activate a URL Access Management profile (and any Security profile). Be sure to Push Config.
Log Only the Page a User Visits (PAN-OS & Panorama)
- Create or select a URL Filtering profile to modify.Select .Enable Log container page only.Click OK to save the profile.Commit your changes.
