HTTP header logging was introduced in PAN-OS 6.1. This document explains how to enable the HTTP header logging and how to track URLs accessed by individual users in the network.
Steps
Configure a URL Filtering Profile under Objects > Security Profiles.
Configure necessary actions for each respective category.
Navigate to settings in the URL filtering profile and enable User-Agent, Referer, X-Forwaded-For checkboxes under HTTP Header Logging.
Create a security policy for traffic of interest.
Under Profile Settings, call the configured URL Filtering Profile and select OK.
Commit the configuration.
Navigate to Monitor > Logs > URL filtering. Use the filter to select the source user. Note: The referrer field will list out the URLs visited by the end user. The individual log will look like this:
Under HTTP header, use the referrer field to get the actual URLs each user accessed.