Web Log Database

By default, the web protection Log Database includes one catalog database, one standard logging partition database, and one threats (AMT) partition database. Typically, multiple standard logging partition databases are created as Internet activity is recorded.

• The catalog database provides a single connection point for the various components that need to access the Log Database: Log Server, presentation reports, and investigative reports configuration. It also contains definitions for the following:
  • Category names
  • Risk classes
  • Users
  • User-to-group mapping
  • Database job information

  The catalog database also maintains a list of all the database partitions.

• Standard logging partitions store the individual log records of Internet activity. New partitions are created based on size (3 or 5 GB, by default) or date interval.
• The threats (AMT) partition stores information about requests that have been assigned a severity level, and is used to populate the Threats dashboard.