Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

best reporting application for Watchguard logs

Posted on 2011-09-06
5
Medium Priority
?
711 Views
Last Modified: 2012-05-12
Hello experts - does anyone know of any third party apps for viewing and reporting of Watchguard logs, particularly www traffic ?
0
Comment
Question by:Brett4567
  • 3
  • 2
5 Comments
 
LVL 14

Expert Comment

by:setasoujiro
ID: 36489596
why don't you use logviewer ?
it works just fine imo?
0
 

Author Comment

by:Brett4567
ID: 36491489
I've got that working now thanks but I can I ask you a couple more questions as I don't have much experience with this stuff.

in order to monitor and report on  www traffic do you have to have the web proxy or web blocker running ?

I ask this becuase I had strange problem. I set up web blocker on this XTM22 and chose to use the Watchguard online database.

I allowed all categories with logging so we could get an idea what is going however it insists on blocking adobe.com downloads (such as Acrobat Reader, Flash Player, etc)

When trying to install these programs a pop up informs the user that the site has been blocked by the Watchguard.

We just want reports at this stage and don't want to block any sites or activities.
 
0
 
LVL 14

Accepted Solution

by:
setasoujiro earned 2000 total points
ID: 36492202
ok.

the adobe has not to do with webblocker i think, check in the HTTP proxy properties , there is a tab called "content types" in the left menu. windows .exe is blocked by default. so you can remove it there.

if you want logs of ALLOWED packets as well, you should explicitly say so in your policy.
to do so : open the policy and on the second tab click 'logging' , then check the box that says log allowed packets.

If you want to monitor which webblocker categories are being blocked in the future , then you must setup logging for that as well.

Hope this helps
0
 

Author Comment

by:Brett4567
ID: 36493059
let me try this and get back to you


0
 

Author Comment

by:Brett4567
ID: 36505983
I think its all working thanks. Can we leave it open for a couple more days just to make sure
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Suggested Courses
Course of the Month6 days, 6 hours left to enroll

782 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question