I've found out a little more... When activating "Remote Syslog" I can select the log-category "HTTP blocked sites". When using "Local Logs" -> "Query" I can also chose "HTTP blocked sites".
But when I look under "Local Logs" -> "Browse" there are only "HTTP accessed sites", "HTTP deamon" and "HTTP proxy".
Unfortunately, querying the log "HTTP blocked sites" returns no log-entries at all.
what I actually meant with my first message was: I can't find a log-entry which shows which URLs have been blocked by the "URL Blacklist" of Astaro's HTTP-Proxy. We didn't have a license to use the "Cobion Surf Protection Categories". Now we have a license and we are blocking some categories. When a URL is blocked because it belongs to one of the taboo-categories, that blocking is logged.
But when a URL is blocked because it matches a "URL Blacklist"-entry, I can't find that blocking in any log-file. I do get a daily "Executive Report" by mail, which tells me something like this:
HTTP pages blocked by SP (total): 600 - Top 1: Erotics/Sex: 10 - [...] - URL Blacklist: 550
But I can't find out the URLs that were blocked by the "URL Blacklist".
When I first called the company responsible for our Astaro-Support, they told me I have to reinstall Astaro, because I changed the xslt-files to translate them to German. (the HTTP-proxy uses XSLT-stylesheets to generate the status-/error-messages)
So I reinstalled ASL 5.202, restored the backup-file, but nothing changed.
I sent another mail to our support-company, and they asked me to enable WebAdmin- and SSH-access for the Astaro Support employees, which I accepted.
I was then told everything is o.k. and I should be seeing the log-entries the next day. But they didn't appear.
Then they told me, there must be something wrong with my installation and all I could do is to reinstall ASL.
So I downloaded the ISO-image for ASL 5.204 and checked the md5-checksum, just to be sure it's o.k., then I reinstalled ASL (it was friday evening, almost everybody else was at home drinking beer or doing something else ... ;-(( ). I did not restore the backup. I only configured our Astaro to allow our proxy-server to access websites. Then I added one entry to the "URL Blacklist" and accessed that site, which was blocked (of course).
But there still was no log-entry to be seen. So I sent another mail to our Astaro-Support.
Now they're telling me that is normal behavior! Only the URLs blocked by the Cobion surf protection categories are logged. If they're blocked by the "URL Blacklist", there is no log-entry for that.
Can anybody confirm this? Did I do overtime in vain?
