Web URL Patterns

The Web URL Patterns window is used to configure domains or regular expressions that you wish to track with KeyServer. After specifying patterns in this window, “usage” (i.e. access) of those URLs will be tracked by clients in supported browsers Supported Browsers
Windows: Firefox, Chrome, Edge, Opera
Mac: Firefox, Chrome, Safari, Edge, Opera
Linux: Firefox
and reported to KeyServer. Note that MacOS has special considerations. The URLs will appear as entries in the Programs window - which can then be added to products and policies much like traditional executable based programs. Once a policy has been made, KeyServer will record usage, which can then be reported in the same way as traditional program usage - looking at where URLs are accessed, how often, and for how long. As it becomes more common for software to have purely web-based components, this unified view of usage is important.

Adding Entries

You can create these patterns either in the dedicated window, or by way of making a new web-based product. For the latter, see New Product Wizard.

Config Window

Open this from KeyConfigure - Config - Web URL Patterns. First you will need to click the + button at the bottom left to add a new pattern. You will be prompted to choose between a domain or a pattern. If you want to track a single domain all as a single object, use the domain choice and enter something like example.net. Then any URLs within example.net will all be reported as the same entry in the programs window. Note that when using this option, matching URLs (i.e. "hits" by the client) must start with http:// or https:// - “ftp://ftp.example.net/” will not match and won't be recorded. You can also enter the exact Identifier you would like to use for this domain - or if you leave it blank an Identifier will be generated for you, e.g. “@example.net”.

     URL Patterns Window

If you need more flexibility than this, you should use a pattern instead. Using a pattern allows you to target a specific URL or set of URLs within a single domain, e.g. “mysite.org/private/”. You can also use a regexp pattern, e.g. “^https?://[-a-zA-Z0-9_.]+\.ly/”. When specifying a pattern, you must explicitly choose an Identifier, you can not click Add with the field blank. For consistency you might want to have it start with the @ symbol.

     Edit URL Pattern

After you have added new Domains or Patterns, clients will learn this but it might not be learned until the next time a client computer restarts. Once a client learns a new pattern, it will notice when that pattern is accessed in any major browser, and report this to KeyServer. The first time KeyServer learns of a new Identifier an entry will appear in the Programs window and it can then be used in a product. It is important, whether you add a Domain or a Pattern of your own, that you test to see that it is working as expected - identifying the expected URLs and not identifying additional URLs. To do so you will first need a Product and Policy to begin gather usage (access to) the URLs.

You can also add new Domains or Patterns within the Product Wizard. When added via the Product Wizard, a program entry will be created with the identifier, which is added to the new Product.


Note that KeyAccess 7.5 or higher is required to be able to track URLs. Also, while URLs can be tracked, KeyAccess cannot prevent any pages from loading. This was done to simplify things technically, but also from a user experience perspective. If users were blocked this would almost guarantee that users would have a negative impression of KeyAccess. A supported browser Supported Browsers
Windows: Firefox, Chrome, Edge, Opera
Mac: Firefox, Chrome, Safari, Edge, Opera
Linux: Firefox
must also be used, the agent will not see use by other browsers.

Since URL access cannot be blocked, we recommend policies for products that contain URLs be configured in such a way that they will not try to prevent usage. Specifically, they should be Observe policies, Manage policies with the Site metric, or Manage policies with other metrics but with an Enforcement option of “None”. Finally, any options such as Background Warning, Queue & Notify, etc should be avoided as they could result in KeyAccess presenting confusing messages to the end user.