Solved

best reporting application for Watchguard logs

Posted on 2011-09-06
5
678 Views
Last Modified: 2012-05-12
Hello experts - does anyone know of any third party apps for viewing and reporting of Watchguard logs, particularly www traffic ?
0
Comment
Question by:Brett4567
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 14

Expert Comment

by:setasoujiro
ID: 36489596
why don't you use logviewer ?
it works just fine imo?
0
 

Author Comment

by:Brett4567
ID: 36491489
I've got that working now thanks but I can I ask you a couple more questions as I don't have much experience with this stuff.

in order to monitor and report on  www traffic do you have to have the web proxy or web blocker running ?

I ask this becuase I had strange problem. I set up web blocker on this XTM22 and chose to use the Watchguard online database.

I allowed all categories with logging so we could get an idea what is going however it insists on blocking adobe.com downloads (such as Acrobat Reader, Flash Player, etc)

When trying to install these programs a pop up informs the user that the site has been blocked by the Watchguard.

We just want reports at this stage and don't want to block any sites or activities.
 
0
 
LVL 14

Accepted Solution

by:
setasoujiro earned 500 total points
ID: 36492202
ok.

the adobe has not to do with webblocker i think, check in the HTTP proxy properties , there is a tab called "content types" in the left menu. windows .exe is blocked by default. so you can remove it there.

if you want logs of ALLOWED packets as well, you should explicitly say so in your policy.
to do so : open the policy and on the second tab click 'logging' , then check the box that says log allowed packets.

If you want to monitor which webblocker categories are being blocked in the future , then you must setup logging for that as well.

Hope this helps
0
 

Author Comment

by:Brett4567
ID: 36493059
let me try this and get back to you


0
 

Author Comment

by:Brett4567
ID: 36505983
I think its all working thanks. Can we leave it open for a couple more days just to make sure
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I've often see, or have been asked, the question about the difference between the Exchange 2010 SP1 version, available as part of Small Business Server (SBS) 2011, and the “normal” Exchange 2010 SP1 Standard. The answer to the question is relativ…
Introduction Many times we come across a slowness or instability between two hosts, and almost always we blame the poor networking guys, just because they're an easy target.  Sometimes we forget that other factors including disk bottlenecks, CPU …
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question