Solved

Sonicwall ViewPoint 5.0 How to create report of downloaded file types

Posted on 2009-04-01
5
718 Views
Last Modified: 2012-08-13
I would like to create a report using ViewPoint that would tell me if certain types of files are being downloaded.  i.e. Include all .com, .exe, .dll, ect. files.  Who downloaded them, when, how many,ect.  Is this possible with ViewPoint?  Any help would be appreciated.
0
Comment
Question by:barrontech
  • 3
  • 2
5 Comments
 
LVL 16

Accepted Solution

by:
ccomley earned 250 total points
ID: 24048369
No, not through the Viewpoint front end anyway, which is odd, as the data *is* present in the feed from the firewall to the Viewpoint host.

However, the Viewpoint host stores the logs in MySQL, so it may be possbile to write a report to get what you want *outside* the Viewpoint system, if you can access those.
0
 

Author Closing Comment

by:barrontech
ID: 31565294
That's what I thought.  Odd though isn't it?  
0
 
LVL 16

Expert Comment

by:ccomley
ID: 24057753
Yeah - a strange omission.
0
 

Author Comment

by:barrontech
ID: 24059590
Do you know of another 3rd part product that would give you that information?
0
 
LVL 16

Expert Comment

by:ccomley
ID: 24059781
An alternative *approach* perhaps.

The way Sonicwalls USED to work, you could, for free, turn on a SysLogD feed of *every* transaction on the box, and point it at a syslogd server to collect. Then you could find (Sonicwall used to distribute a cut-down version) a log analyssu program that would munge through that file and report on it. But it was a flat text file so you could write your own.

NOW you have to register the box for ViewPoint before you can enable the Syslog feed BUT I believe it is *still* a regular Syslog feed. So instead of pointing it at your ViewPoint server, you could point it at a plain ordinary SyslogD server, which will collect it in a flat text file as before, and then you can just use GREP to look for file downloads, for example.

I don't know if you could have the Syslog server forward a "tee" copy of the log onwards to the Viewpoint machine and thus run both.  You'd have to explore the options of SyslogD implementations.  Or ask in the Linux area.

0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In this tutorial I will show you with short command examples how to obtain a packet footprint of all traffic flowing thru your Juniper device running ScreenOS. I do not know the exact firmware requirement, but I think the fprofile command is availab…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
This Micro Tutorial will give you a basic overview how to record your screen with Microsoft Expression Encoder. This program is still free and open for the public to download. This will be demonstrated using Microsoft Expression Encoder 4.
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question