4.1. ICAP Dashboard

MetaDefender ICAP Server's Dashboard gives overview of ICAP Server status.

Note that the default refresh rate of displayed information is 1 minute.


Overview page

The Overview page shows information on

  • Number of blocked requests

  • Number of processed requests

  • License information

  • Number of processed requests chart

Clicking the Settings icon the following properties can be customized:

  • Refresh rate (default: 1 minute)

  • Time-span displayed (default: 24 hours)

ICAP history

The ICAP history shows information on ICAP events in the system.

On the ICAP history page you can search for ACTION, RESULT, HTTP URI, CLIENT IP, PROXY IP, HOST, CORE RULE or ICAP RULE. Also you can filter the list by ACTION.

Due to usability reasons the ICAP history list is not updated automatically. Click the Refresh icon to update.

The RESULT value Undisclosed means that MetaDefender Core did not return a scan result for this entry.

The reason for this value appearing in ICAP History is that MetaDefender Core is configured to provide OVERALL RESULTS ONLY for VISIBILITY OF SCAN RESULTS in the security rule that matches ICAP file scans.

Request details

Clicking an ICAP history entry displays public details (that do not require authentication on MetaDefender Core) about the scan.

The View scan details link points to the scan details on the MetaDefender Core instance where the actual scanning took place.

The View scan details link works with MetaDefender Core version 4.7.0 (or later) only.

For MetaDefender Core versions earlier than 4.7.0 the Dashboard is opened.

To generate the View scan details links, MetaDefender ICAP Server stores the actual Core IP where the current request's files were scanned.

As a result the View scan details links continue to work properly even after a new Core is configured instead the old one.

View scan details links stop working after the referenced Core is uninstalled or migrated to a new address.

Export to CSV

Clicking the EXPORT TO CSV button will export the history list (according to the actual filter conditions) to a CSV file.

Data range

The currently active filter conditions apply to the exported list.

All filtered data gets exported, even if the list expands to multiple pages.

CSV file download

The CSV file is written into a HTTP stream, so it gets downloaded by the browser immediately, automatically.

The CSV file is named according to the following scheme:

Naming convention

For example, if the export happened on 22nd January, 2020; at 12:38:36 PM:

Naming example

Exported data

The following data is exported for each entry:

  • Date

  • Client Address

  • Proxy Address

  • Duration

  • ICAP Method

  • ICAP Service

  • ICAP Rule


  • Action

  • Verdict

  • IsTag

  • Data ID

  • Host

  • Core Address

  • Core Rule

  • Sanitized

  • Scan Duration

  • Error Details


The history above exports to the following CSV:


Config history

The Config history shows information on configuration changes made via the Web Management Console.

Changes made directly in the configuration file are not reflected here.

On the Config history page you can search for USER, TYPE, CHANGE TYPE, PARAMETER, OLD VALUE or NEW VALUE. Also you can filter the list by DATE.

Due to usability reasons the Config history list is not updated automatically. Click the Refresh icon to update.