Protocols (Regular Profile) : Managing Audit, Shadowing and Alerts for Protocols : Audit and Shadowing Rights : HTTP
  
HTTP
Audit and shadowing rights applicable to the HTTP protocol:
Audit: Connection - Enables the auditing of allowed and denied user attempts to open a web page.
The Connection action, the IP address with the port number and the name of the host, the name of the protocol are written to the log. If IP address to host name resolution fails, the host name is not written to the log.
Note: When this right is enabled, numerous Connection events are recorded in the Audit Log each time a user attempts to open a web page. This happens because a web page often requests resources (such as images, scripts, etc.) from other hosts.
Audit: Incoming Data - Enables the auditing of web pages and objects on web pages.
The Incoming Data action, the URL of the web page and objects on the web page (e.g., absolute path with URL to request parameters http://domain/path), the IP address with the port number and the name of the host are written to the log.
Audit: Incoming Files - Enables the auditing of user attempts to download a file from a Web site.
The Incoming File action, the absolute path and complete name of the file (for example, http://domain/path/myfile.doc), the IP address with the port number and the name of the host are written to the log.
Audit: Outgoing Data - The Outgoing Data content type contains no data.
The Outgoing Data action, the URL of the web page and objects on the web page (e.g., absolute path with URL to request parameters http://domain/path), the IP address with the port number and the name of the host are written to the log.
Audit: POST Requests - Enables the auditing of user attempts to submit Web form data to a Web site.
The POST Request action and the URL of the script that sent the POST request (e.g., absolute path with URL to request parameters http://domain/path) are written to the log.
Audit: Outgoing Files - Enables the auditing of user attempts to upload a file to a Web site.
The Outgoing File action, the name of the file and the name of the server that receives the file (for example, http://server/file.doc), the IP address with the port number and the name of the host are written to the log.
Shadowing: Incoming Data - Enables the shadow copying of web pages and objects on web pages.
Shadow copies of web pages and their constituent components are written to the log.
Shadowing: Incoming Files - Enables the shadow copying of files downloaded from a Web site.
Shadow copies of downloaded files are written to the log.
Shadowing: Outgoing Data - This right has no impact on the shadow copying.
Shadowing: POST Requests - Enables the shadow copying of data entered into Web forms.
Shadow copies of data entered into Web forms are written to the log.
Shadowing: Outgoing Files - Enables the shadow copying of files uploaded to a Web site.
Shadow copies of uploaded files are written to the log.