Entra ID GSA - Logging of HTTP Content and Agent Type
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(115.19999999999999, 99%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Stevens Smith
10
Reputation points
Hi all,
I'm currently working on a Proof of Concept (PoC) for an enterprise-level client who is considering transitioning to Entra ID Global Secure Access (GSA) as a replacement for their existing VPN and proxy infrastructure.
They have a few specific logging requirements that we need to address:
Logging of HTTP content types
Logging of HTTP User-Agent types
We’re planning to set up Azure Secure Web Gateway (SWG) for them, along with Entra ID Private Access. All devices involved are already Entra ID joined.
From my research, I understand that Azure SWG performs TLS/SSL inspection, but I haven’t found clear documentation on whether it can log the specific HTTP-level details mentioned above.
If anyone has experience with this setup or can confirm whether these logging requirements can be met (either natively or via workarounds), your input would be greatly appreciated.
Thanks in advance!
Microsoft Security | Microsoft Entra | Microsoft Entra Internet Access
{count} vote
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 87%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMV%3C/text%3E%3C/svg%3E)
Mallikarjuna Vardham 450 Reputation points Microsoft External Staff Moderator2025-06-03T16:56:55.04+00:00 Hello Stevens Smith
Do you have TLS inspection and diagnostic logging enabled in your Entra GSA SWG setup? That’s key to capturing Content-Type and User-Agent headers.
-
Stevens Smith 10 Reputation points
2025-07-10T09:30:21.7633333+00:00 Hi @Mallikarjuna Vardham I haven't enabled TLS inspection yet, but there is no mention of these parameters in the logs. If anyone has experience enabling TLS inspection and updating the schema, I would appreciate any insights. Since TLS inspection is still in preview, I don’t want to enable it without thorough testing. Is it possible to receive these two parameters with TLS inspection? If you can provide any documentation or screenshots it would be greatly appreciated.
Sign in to comment
Sign in to answer