Solved

Sonicwall ViewPoint 5.0 How to create report of downloaded file types

Posted on 2009-04-01
5
721 Views
Last Modified: 2012-08-13
I would like to create a report using ViewPoint that would tell me if certain types of files are being downloaded.  i.e. Include all .com, .exe, .dll, ect. files.  Who downloaded them, when, how many,ect.  Is this possible with ViewPoint?  Any help would be appreciated.
0
Comment
Question by:barrontech
  • 3
  • 2
5 Comments
 
LVL 17

Accepted Solution

by:
ccomley earned 250 total points
ID: 24048369
No, not through the Viewpoint front end anyway, which is odd, as the data *is* present in the feed from the firewall to the Viewpoint host.

However, the Viewpoint host stores the logs in MySQL, so it may be possbile to write a report to get what you want *outside* the Viewpoint system, if you can access those.
0
 

Author Closing Comment

by:barrontech
ID: 31565294
That's what I thought.  Odd though isn't it?  
0
 
LVL 17

Expert Comment

by:ccomley
ID: 24057753
Yeah - a strange omission.
0
 

Author Comment

by:barrontech
ID: 24059590
Do you know of another 3rd part product that would give you that information?
0
 
LVL 17

Expert Comment

by:ccomley
ID: 24059781
An alternative *approach* perhaps.

The way Sonicwalls USED to work, you could, for free, turn on a SysLogD feed of *every* transaction on the box, and point it at a syslogd server to collect. Then you could find (Sonicwall used to distribute a cut-down version) a log analyssu program that would munge through that file and report on it. But it was a flat text file so you could write your own.

NOW you have to register the box for ViewPoint before you can enable the Syslog feed BUT I believe it is *still* a regular Syslog feed. So instead of pointing it at your ViewPoint server, you could point it at a plain ordinary SyslogD server, which will collect it in a flat text file as before, and then you can just use GREP to look for file downloads, for example.

I don't know if you could have the Syslog server forward a "tee" copy of the log onwards to the Viewpoint machine and thus run both.  You'd have to explore the options of SyslogD implementations.  Or ask in the Linux area.

0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In this tutorial I will show you with short command examples how to obtain a packet footprint of all traffic flowing thru your Juniper device running ScreenOS. I do not know the exact firmware requirement, but I think the fprofile command is availab…
Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question