Re: Does Check Point support Web Browser Agent Log...

Gareth_Kik · ‎2019-07-10

We want to find Web Browser User Agent details in to the logging. I mean this info, picture below:

In the Application/URL Filtering logging events, I can see only "Web browser" name eg Chrome, but not the full Web Browser User Agent info.

Can we somehow log this in the rules or it is not supported feature?

Nick_Doropoulos · ‎2019-07-10

Hi Gareth_Kik,

I believe your best bet is extended logging on the relevant rules. Is that something you have put in place already?

Thanks.

Gareth_Kik · ‎2019-07-10

Yes, it shows only what browser was used, for example "Chrome", that's all. No details regarding Web browser user agent.

Chris_Atkinson · ‎2019-07-11

I seem to recall the mobile security checkup report in SmartEvent leveraged something similar, perhaps look at the fields/filters it uses and dig into the logs for this detail.

I will revert after i've had a chance to check further myself but you may get to it before me.

Gareth_Kik · ‎2019-07-12

Any news? Maybe it is something that should do Web Security Gateway / Proxy server that is specific for URL filtering and not for NG Firewall. Can you comment?

Chris_Atkinson · ‎2019-07-12

I've reviewed some logs in my demo environment, the following Log card details may help...

Section: Application / Site
Fields: Client Type

Section: Web Traffic
Fields: User Agent, Client Type OS

Does Check Point support Web Browser Agent Logging?