URL filtering provides visibility and control over web
traffic on your network. For improved visibility into web content,
you can configure the URL Filtering profile to log HTTP header attributes
included in a web request. When a client requests a web page, the
HTTP header includes the user agent, referer, and x-forwarded-for
fields as attribute-value pairs and forwards them to the web server.
When enabled for logging HTTP headers, the firewall logs the following
attribute-value pairs in the URL Filtering logs:
The web browser that the user used to access
the URL, for example, Internet Explorer. This information is sent
in the HTTP request to the server.
The URL of the web page that linked the
user to another web page; it is the source that redirected (referred)
the user to the web page that is being requested.
The option in the HTTP request header field
that preserves the IP address of the user who requested the web
page. If you have a proxy server on your network, the XFF allows you
to identify the IP address of the user who requested the content,
instead of only recording the proxy server’s IP address as source
IP address that requested the web page.