
How to build logic and capture specific data from 2 types of logs?

Question asked by Utsav Sejpal on Jan 11, 2018
Latest reply on Jan 11, 2018 by Josh Randall

Hi Experts,


We've integrated a Trend Micro web proxy device with RSA SA NetWitness (


It forwards the same log under two different types. E.g., if user A accessed website B, then 2 different logs are generated with the exact time stamp: 1) Event URL Access Tracking 2) Event URL Monitoring


Below are the samples:








The EVT_URL_Access log can be allowed/denied, while EVT_URL_Monitoring is the log of an allowed website.


So, we want to achieve this: if user name, time and URL (with contains and not exact) match, then capture bytes, source and destination from EVT_URL_ACCESS_TRACKING.


Match Condition:



URL with domain contains



Then write bytes, source, destination to Report/Chart etc., which will be available from the URL Access Tracking logs.



Utsav Sejpal
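
The matching described in the question above, sketched as an added example that is not part of the original post and is not NetWitness rule or report syntax. The event dictionaries, their field names (`type`, `time`, `user`, `url`, `bytes`, `src`, `dst`) and all values are constructed assumptions, since the log samples are not shown on the page.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample events. Field names and values are assumptions.
EVENTS = [
    {"type": "EVT_URL_ACCESS_TRACKING", "time": "2018-01-11T10:15:02", "user": "userA",
     "url": "http://www.example.com/news/index.html", "bytes": 18432,
     "src": "10.0.0.15", "dst": "192.0.2.10"},
    {"type": "EVT_URL_MONITORING", "time": "2018-01-11T10:15:02", "user": "userA",
     "url": "example.com"},
    # Denied request: tracked, but no monitoring event exists for it.
    {"type": "EVT_URL_ACCESS_TRACKING", "time": "2018-01-11T10:16:40", "user": "userA",
     "url": "http://blocked.example.net/", "bytes": 0,
     "src": "10.0.0.15", "dst": "198.51.100.7"},
    # Same user and second, different site: must not pair with the event above.
    {"type": "EVT_URL_MONITORING", "time": "2018-01-11T10:16:40", "user": "userA",
     "url": "example.org"},
]

def host(url):
    """Return the lower-cased host of a URL, with or without a scheme."""
    if "//" not in url:
        url = "//" + url
    return urlsplit(url).hostname or ""

def url_matches(a, b):
    """'Contains' match: one host is a substring of the other."""
    ha, hb = host(a), host(b)
    return bool(ha and hb) and (ha in hb or hb in ha)

def correlate(events):
    """Join access-tracking events to monitoring events on user, time and URL."""
    monitored = defaultdict(list)
    for e in events:
        if e["type"] == "EVT_URL_MONITORING":
            monitored[(e["user"], e["time"])].append(e["url"])
    rows = []
    for e in events:
        if e["type"] != "EVT_URL_ACCESS_TRACKING":
            continue
        candidates = monitored.get((e["user"], e["time"]), [])
        if any(url_matches(e["url"], m) for m in candidates):
            rows.append({k: e[k] for k in ("user", "time", "url", "bytes", "src", "dst")})
    return rows

if __name__ == "__main__":
    for row in correlate(EVENTS):
        print(row)
```

Keying the lookup on user and time first keeps the substring comparison confined to events from the same user in the same second, which limits false pairings from the loose "contains" match.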