Rethinking Log Storage and Archiving with Data Deduplication

As a typical IT department, we log a lot data. Loads of it. Thanks to various regulatory requirements, we need to log more and more data from more and more sources. That’s a lot of mores! We are also required to mine more information from those logs, and need keep these logs in their original form for …

How to Report on Enterprise Storages – Vantage Guidelines

Vantage Giga can be a very effective tool for generating useful management reports on Internet, email, and network activity in large organizations. Because large organizations generally have a large volume of log data to report on, here are a few guidelines on how to report on enterprise storages to help make the reporting process as …

Vantage Update 2.2.0.90

Release Date: 3rd April 2013 Changes since 2.2.0.84: Log Formats: Apache: Alteration to Apache IBM format (duration field) Astaro: Fixed Date/Time field (time missing) ContentKeeper: Added support for new ContentKeeper syslog format IronPort: Added Ironport W3C format IronPort: Fixed Bounce Mail detection & importing IronPort: Renamed Ironport ‘C350 mail’ to ‘C-series mail’ IronPort: Improved C-Series …

Publishing A Storage to the Web Module

This article will explain how to publish a storage to the Vantage Ultimate Web Module, and the various options and permission settings available.

Increase Report Speed : Reduce What You Import

Vantage is designed to import everything from your log files, but if you are not interested in looking all of the fields available, then this could be slowing down your reports.

Vantage Update 2.2.0.83

We have released an automatic update for the Vantage range of applications. This update includes some new loader formats as well minor fixes and improvements. Of note, this release includes support for the new format of IronPort, Palo Alto Threat and URL filtering, Clearswift Email Appliance, and Infoblox NIOS DNS queries; as well as improvements …

Running Multiple Instances of Vantage

In the latest Vantage auto-update (2.2.0.68), we’ve included an experimental feature to allow multiple instances of WebSpy Vantage to run on the same operating system. The goal here is to run reports at the same time using multiple instances of the application. To do this, we have also include a second experimental feature to disable …

How much do IronPort WSA Appliances eat?

If you are thinking about deploying IronPort Web Security Appliances you probably want to plan how much disk space to budget for with regards to logging and reporting. Every organization is different with regards to the volume of logs it creates, but I’ve averaged three data sets submitted to us by customers to produce the …

Watch your TMG’s waist line. Switch log format and reduce fat now!

We often recommend customers using Microsoft ISA or TMG switch their logging to W3C text file, in order to get the best possible import speed, and also because the text logs are much easier to access from a remote machine (see my previous article on accessing TMG’s SQL Express Log database). Logging to the default …

Where does Vantage store data and how do I change it?

In the log file analysis world, we’re always dealing with large volumes of data. By default, WebSpy Vantage stores its data, including the storages that you import log files into, somewhere on your c: drive. Changing this location to somewhere with more disk space is therefore one of the first steps that customers like to perform, so I thought I’d write a quick blog to explain the locations you should be aware of and how to change them.