How to Report on Custom Logged Data by adding a Custom Field Node

Some log formats contain message fields, or other free-form fields which are not easily displayed in reports and summaries, so although these fields are imported from the log files, they are not displayed in the standard summaries when you run an analysis or create a report template. However, you can still add these fields to …

Vantage Update 2.2.0.90

Release Date: 3rd April 2013 Changes since 2.2.0.84: Log Formats: Apache: Alteration to Apache IBM format (duration field) Astaro: Fixed Date/Time field (time missing) ContentKeeper: Added support for new ContentKeeper syslog format IronPort: Added Ironport W3C format IronPort: Fixed Bounce Mail detection & importing IronPort: Renamed Ironport ‘C350 mail’ to ‘C-series mail’ IronPort: Improved C-Series …

Vantage Update 2.2.0.83

We have released an automatic update for the Vantage range of applications. This update includes some new loader formats as well minor fixes and improvements. Of note, this release includes support for the new format of IronPort, Palo Alto Threat and URL filtering, Clearswift Email Appliance, and Infoblox NIOS DNS queries; as well as improvements …

Vantage Update 2.2.0.68 (Exchange 2010, Juniper and IronPort Traffic Logs, and more)

We have released an automatic update for the Vantage range of applications. This update includes some new loader formats, an experimental feature as well minor fixes and improvements. Of note, this release includes full support for Microsoft Exchange 2010 Tracking logs (previously supported with the Exchange 2007 loader, but missing a few fields), as well …

How much do IronPort WSA Appliances eat?

If you are thinking about deploying IronPort Web Security Appliances you probably want to plan how much disk space to budget for with regards to logging and reporting. Every organization is different with regards to the volume of logs it creates, but I’ve averaged three data sets submitted to us by customers to produce the …

Advantages of using WebSpy with Cisco IronPort – New Video

WebSpy has been working closely with Cisco and the IronPort team over the past few years to develop what we believe is the most intuitive, flexible and fastest reporting solution for Cisco IronPort users. We’ve just completed our ‘WebSpy Reporting for Cisco IronPort’ video. Although this video is aimed at the Cisco channel we’d thought …

Vantage Update 2.2.0.50 (Juniper SA, Forefront Protection and more)

We have just released an auto update for the Vantage range of applications. This update includes support for the Juniper SA series and Microsoft Forefront Protection for Exchange 2010. Here’s the full list of changes: New: Juniper SA Series. Vantage can import and report on web traffic and VPN connections. New: Microsoft Forefront Protection for …

Website Categorization – Assessing Productivity

Security and Threat Management solutions, such as Microsoft Forefront TMG, IronPort and Blue Coat, use predefined URL categorization to simplify blocking and filtering management. Different security vendors have different ways of categorizing websites but it generally involves referring to a gigantic, regularly updated database of millions of websites sorted into 50-100 relevant categories. Majority of …

Video: How to use WebSpy Vantage to report on IronPort log files

I’ve produced a video on how to use WebSpy Vantage to report on IronPort’s Web Security Appliance’s access log files. It is quite a detailed look at the key tasks involved in setting up and using WebSpy Vantage with IronPort WSA access logs, and is therefore divided into several parts. The videos take you through …