Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Sonicwall ViewPoint 5.0 How to create report of downloaded file types

Posted on 2009-04-01
5
Medium Priority
?
737 Views
Last Modified: 2012-08-13
I would like to create a report using ViewPoint that would tell me if certain types of files are being downloaded.  i.e. Include all .com, .exe, .dll, ect. files.  Who downloaded them, when, how many,ect.  Is this possible with ViewPoint?  Any help would be appreciated.
0
Comment
Question by:barrontech
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 17

Accepted Solution

by:
ccomley earned 1000 total points
ID: 24048369
No, not through the Viewpoint front end anyway, which is odd, as the data *is* present in the feed from the firewall to the Viewpoint host.

However, the Viewpoint host stores the logs in MySQL, so it may be possbile to write a report to get what you want *outside* the Viewpoint system, if you can access those.
0
 

Author Closing Comment

by:barrontech
ID: 31565294
That's what I thought.  Odd though isn't it?  
0
 
LVL 17

Expert Comment

by:ccomley
ID: 24057753
Yeah - a strange omission.
0
 

Author Comment

by:barrontech
ID: 24059590
Do you know of another 3rd part product that would give you that information?
0
 
LVL 17

Expert Comment

by:ccomley
ID: 24059781
An alternative *approach* perhaps.

The way Sonicwalls USED to work, you could, for free, turn on a SysLogD feed of *every* transaction on the box, and point it at a syslogd server to collect. Then you could find (Sonicwall used to distribute a cut-down version) a log analyssu program that would munge through that file and report on it. But it was a flat text file so you could write your own.

NOW you have to register the box for ViewPoint before you can enable the Syslog feed BUT I believe it is *still* a regular Syslog feed. So instead of pointing it at your ViewPoint server, you could point it at a plain ordinary SyslogD server, which will collect it in a flat text file as before, and then you can just use GREP to look for file downloads, for example.

I don't know if you could have the Syslog server forward a "tee" copy of the log onwards to the Viewpoint machine and thus run both.  You'd have to explore the options of SyslogD implementations.  Or ask in the Linux area.

0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Optimal Xbox 360 connectivity requires "OPEN NAT". If you use Juniper Netscreen or SSG firewall products in a home setting, the following steps will allow you get rid of the dreaded warning screen below and achieve the best online gaming environment…
A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
In response to a need for security and privacy, and to continue fostering an environment members can turn to for support, solutions, and education, Experts Exchange has created anonymous question capabilities. This new feature is available to our Pr…
Suggested Courses

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question