Here is a list of user field names that Reporter is able to handle in a access log.
To ensure all the required fields are still in place we suggest you use the standard access log type, bcreportermain_v1, and write a ProxySG policy to replace cs-username with any of the above fields .
NOTE1: We recommend replacing cs-username with cs-userdn for LDAP FQDN usernames.
NOTE2: If you are using IWA Realm configured on ProxySG and you would like to capture the user's actual name/fullname in the accesslog, currently IWA can not query these user's full name on ProxySG. It will only see the user login name you use for authentication through ProxySG.
For more details of what the required fields are in a access log, see this article :
What are the required Main HTTP(s) access log fields for optimal performance using Blue Coat Reporter