27 03, 2017

Analyzing Blocked Traffic in Log Files for Suspicious Activity

By | 2017-03-27T02:14:54+00:00 March 27th, 2017|Firewall Analysis, How To, Log File Analysis, Sophos, System Administration, Uncategorized, Vantage, Web Browsing Analysis, WebSpy|Comments Off on Analyzing Blocked Traffic in Log Files for Suspicious Activity

Using log file analysis to report on blocked traffic can help troubleshoot issues with website and application behavior, and potential security issues. This article shows how to use WebSpy Vantage to identify suspicious activity from blocked traffic log events.

15 02, 2016

Creating a Remote Desktop Report (RDP Connections) with WebSpy Vantage

By | 2016-02-15T06:31:35+00:00 February 15th, 2016|Articles, Firewall Analysis, How To, Log File Analysis, Microsoft Threat Management Gateway, System Administration, Tips and Best Practices, Uncategorized, Vantage, WebSpy|Comments Off on Creating a Remote Desktop Report (RDP Connections) with WebSpy Vantage

This article walks through the process of using WebSpy Vantage to create a comprehensive Remote Desktop Report by extracting information about remote desktop sessions (RDP) from your firewall log files. I'm using Firewall logs from Microsoft Forefront TMG, but you could just as easily use logs from other firewalls, such as the packet filter logs from Sophos UTM, or connection end events from Cisco ASA. The general process is the same. Let's get started.

3 02, 2016

Distributing Web Activity Reports to Managers Using WebSpy Vantage

By | 2016-02-03T06:28:11+00:00 February 3rd, 2016|Employee Internet Reports, Firewall Analysis, How To, Log File Analysis, Reports, System Administration, Uncategorized, Vantage, Web Browsing Analysis, WebSpy|Comments Off on Distributing Web Activity Reports to Managers Using WebSpy Vantage

This video takes you through some new features in WebSpy Vantage to help distribute web activity reports to managers throughout your organization. These new features include: Manually Assigned Group Managers Redesigned Separation and Permission workflow Manager Reports Manually Assigned Group Managers WebSpy Vantage has always had the ability to report on Departments, Cities, or any [...]

15 12, 2015

Web Activity Reporting with Palo Alto Firewall Log Files

By | 2015-12-15T08:06:15+00:00 December 15th, 2015|Employee Internet Reports, Firewall Analysis, How To, Log File Analysis, Palo Alto Networks, Reports, System Administration, Tips and Best Practices, Uncategorized, Vantage, Web Browsing Analysis, WebSpy|Comments Off on Web Activity Reporting with Palo Alto Firewall Log Files

Using WebSpy Vantage to analyze and report across your Palo Alto Firewall deployment is a great way to keep on top of web usage throughout your organization. This guide will take you through the process of configuring Palo Alto Firewalls and WebSpy Vantage to produce accurate and meaningful web activity reports that can be utilized [...]

5 10, 2015

Simple Network Monitoring With Windows Firewall Logging And Reporting

By | 2015-10-05T16:49:07+00:00 October 5th, 2015|Firewall Analysis, How To, Log File Analysis, Reports, Scheduled Tasks, System Administration, Tips and Best Practices, Uncategorized, Vantage, WebSpy|Comments Off on Simple Network Monitoring With Windows Firewall Logging And Reporting

The Windows native firewall has been around for some time now. It first made its appearance in Windows XP as the Internet Connection Sharing Firewall, which was a basic inbound firewall. In Windows XP SP2 it was turned on by default and in Windows Vista, it had grown up to be both in and outbound [...]

7 09, 2015

Optimizing Log File Size For Analysis And Reporting

By | 2015-09-07T17:13:06+00:00 September 7th, 2015|Astaro, ClearSwift, Email Analysis, Employee Internet Reports, Firewall Analysis, How To, Log File Analysis, Microsoft Exchange, Microsoft IIS, Microsoft ISA Server, Microsoft Threat Management Gateway, System Administration, Tips and Best Practices, Uncategorized, Vantage, Web Browsing Analysis, WebSense, WebSpy, Windows Event Logs|Comments Off on Optimizing Log File Size For Analysis And Reporting

Firewalls and proxies generate a lot of log data. Multiple gigabytes per day are commonplace now. The log files themselves are generally simple flat text files. Their size comes from the sheer volume of entries, not from being rich data types. The log file size not only consumes disk space during logging, storing, and archiving, but [...]

27 08, 2014

How I used log file analysis to safely retire a legacy web site

By | 2014-08-27T07:30:05+00:00 August 27th, 2014|Firewall Analysis, Log File Analysis, Microsoft IIS, System Administration, Tips and Best Practices, Uncategorized, Vantage, WebSpy|Comments Off on How I used log file analysis to safely retire a legacy web site

Legacy applications and websites remain in place for longer than they should, often because there is a suspicion that they are still being used. Meanwhile, the application is hanging around consuming IT resources that could be put towards a more useful purpose. To safely decommission a web site or service, you need to be sure [...]

8 05, 2013

Vantage Update 2.2.0.90

By | 2013-05-08T07:10:53+00:00 May 8th, 2013|Astaro, Email Analysis, Firewall Analysis, How To, IronPort, Loaders, Log File Analysis, Organization, Profiles, Reports, Sales and Marketing, Scheduled Tasks, Software Updates, storages, System Administration, Tips and Best Practices, Vantage, Web Browsing Analysis, Web Module, WebSpy News Update|0 Comments

Release Date: 3rd April 2013 Changes since 2.2.0.84: Log Formats: Apache: Alteration to Apache IBM format (duration field) Astaro: Fixed Date/Time field (time missing) ContentKeeper: Added support for new ContentKeeper syslog format IronPort: Added Ironport W3C format IronPort: Fixed Bounce Mail detection & importing IronPort: Renamed Ironport 'C350 mail' to 'C-series mail' IronPort: Improved C-Series [...]

13 12, 2012

Vantage Update 2.2.0.83

By | 2012-12-13T15:23:18+00:00 December 13th, 2012|ClearSwift, Email Analysis, Firewall Analysis, How To, IronPort, Loaders, Log File Analysis, Microsoft Threat Management Gateway, Reports, Scheduled Tasks, Software Updates, storages, Uncategorized, Vantage, Web Module|0 Comments

We have released an automatic update for the Vantage range of applications. This update includes some new loader formats as well minor fixes and improvements. Of note, this release includes support for the new format of IronPort, Palo Alto Threat and URL filtering, Clearswift Email Appliance, and Infoblox NIOS DNS queries; as well as improvements [...]

22 12, 2010

Creating and Analyzing SonicWALL Log Files

By | 2010-12-22T15:28:52+00:00 December 22nd, 2010|Firewall Analysis, How To, Log File Analysis, Tips and Best Practices, Uncategorized, Vantage, Web Browsing Analysis, WebSpy|0 Comments

I’ve put together a couple of quick videos to show you how to configure logging on your SonicWALL appliance, and how to import and analyze these log files in WebSpy Vantage. You can also read through these steps on this page: Analyzing SonicWALL log files with WebSpy. […]