The first part is called the prolog and epilog and this is where the proxy sets variables used in the policy evaluation. You may not see all of them in the transaction as the request may for example not trigger the Apparent Data Type variable or the malware scanning policy could be disabled. The variables depend upon the version of SGOS too.
The prolog is evaluated before the locally modifiable policy whilst epilog is evaluated after the locally modifiable policy. To check what are the prolog and epilog on your SGOS login to the CLI via SSH or serial console and run these commands:
conf t show sources policy builtin-prolog
show sources policy builtin-epilog
The bottom part of the output shows the values the variables got assigned during the policy evaluation. An example is the highlighted text which shows that since this device has the BCIS license it can use the risk level variables defined in the prolog and the request in this transaction got the risk level of 2.
; start with the looked up value if numeric value exists server_url.threat_risk.level=0..10 variable.server_url.threat_risk.effective_level("$(server_url.threat_risk.level)") ; cast the string values into default integer values if no numeric value exists variable.server_url.threat_risk.effective_level(5)
Subscribing will provide email updates when this Article is updated. Login is required.