Location of Web Categories List File

Hi all,

I recently came across a useful post in this forum (link below) showing the location of the 'Applications' file which displays the mapping between app-id and application name for all of the applications Sophos UTM recognises. The file was located in /etc/afc.

https://community.sophos.com/products/unified-threat-management/f/web-protection-web-filtering-application-visibility-control/45614/application-control-log-correlation-app_id

Is there a similar file which can show me the mapping between Category Name and its ID number? If so, could you please let me know where it is located? This is out of idle curiosity and not dire need, but if anyone can give me a pointer it would be much appreciated.

Thank you for your time and assistance.

Best regards,

John P

  • I have been parsing the webfilter log data to create master lists for the pairs ID/Name, Category/CategoryName, and AppID/Application.  The motivation was to reduce the size of the log data, by eliminating unnecessary duplication, when I load the logs into a SQL database.   For the same reason, I generate my own index numbers so that the long text strings for Profile, Filter Action, and UA (UserAgent) can be replaced with a number.   For completeness, I also created a number-to-description table to hold HTTP status codes, since the log data only contains numbers.

    I have noticed that the ID/Name pairing appears in other log files.   Each log file uses an independent set of ID codes, so that the aggregate is (or appears to be) globally unique.

    By adding new entries to the code-to-description tables as they occur in the logs, I avoid the need to anticipate additions that Sophos may implement in the future.   But in case my parsing fails, I always do my code-to-description lookups using an outer join.   I would rather have a missing description field than to accidentally omit a log entry from a report due to an inner join lookup where a code-to-description translation is missing.

    Not knowing the Sophos position on whether this is proprietary information, I am reluctant to post what I have.   But you should be able to construct a similar list using a similar process.
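
The approach described in the post above, as an added example (not the poster's code and not a Sophos file): category ID/name pairs are collected from key="value" log fields as they occur, and the report uses an outer join so a request whose ID has no description still shows up. The sample lines, table names and function names are assumptions; only the `category`/`categoryname` fields and the 154 / Web Ads pair are quoted in this thread.

```python
import re
import sqlite3

# Constructed sample lines. Only the category/categoryname field names and the
# 154 / "Web Ads" pair come from the thread; everything else is made up.
SAMPLE_LOG = """\
httpproxy: action="pass" url="http://ads.example/a" category="154" categoryname="Web Ads"
httpproxy: action="pass" url="http://news.example/" category="900" categoryname="Constructed News"
httpproxy: action="block" url="http://new.example/" category="901"
httpproxy: action="pass" url="http://ads.example/b" category="154" categoryname="Web Ads"
"""

FIELD_RE = re.compile(r'(\w+)="([^"]*)"')  # key="value" pairs

_REPORT = ("SELECT r.category_id, c.name, COUNT(*) FROM request r "
           "{} JOIN category c ON c.id = r.category_id "
           "GROUP BY r.category_id, c.name ORDER BY r.category_id")
OUTER_SQL = _REPORT.format("LEFT OUTER")  # keeps rows with no description
INNER_SQL = _REPORT.format("INNER")       # silently drops them

def build_db(log_text):
    """Load log lines into SQLite, growing the lookup table as pairs appear."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        "CREATE TABLE category (id TEXT PRIMARY KEY, name TEXT NOT NULL);"
        "CREATE TABLE request (url TEXT, action TEXT, category_id TEXT);")
    for line in log_text.splitlines():
        f = dict(FIELD_RE.findall(line))
        if "category" not in f:
            continue  # not a categorised request line
        if f.get("categoryname"):
            # First-seen name wins; later duplicates are ignored.
            conn.execute("INSERT OR IGNORE INTO category VALUES (?, ?)",
                         (f["category"], f["categoryname"]))
        # The request row stores only the ID, not the repeated name string.
        conn.execute("INSERT INTO request VALUES (?, ?, ?)",
                     (f.get("url"), f.get("action"), f["category"]))
    return conn

def category_list(conn):
    """The ID-to-name master list recovered from the logs."""
    return conn.execute("SELECT id, name FROM category ORDER BY id").fetchall()

if __name__ == "__main__":
    db = build_db(SAMPLE_LOG)
    print(category_list(db))
    print(db.execute(OUTER_SQL).fetchall())  # includes ('901', None, 1)
    print(db.execute(INNER_SQL).fetchall())  # the 901 request is missing
```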

  • Hi Douglas,

    Thank you very much for your input; it seems like you have done quite a bit of impressive work on pruning the amount of data created by logs.

    My query was just one of curiosity. I spend a lot of time poring through log files generated by our UTMs and like to have a good grasp on what every field means. I do appreciate that the logs display both Category ID and Category Name (e.g. category="154", categoryname="Web Ads"). For my own requirements/peace of mind, I thought there would be a file somewhere which would list the Category IDs and their corresponding Category Names.

    Best regards and thanks again,

    John P

    2 x SG450 (Version 9.714-4)

    HA = Active-Passive
