In the log file analysis world, we're always dealing with large volumes of data. By default, WebSpy Vantage stores its data, including the storages that you import log files into, somewhere on your c: drive. Changing this location to somewhere with more disk space is therefore one of the first steps that customers like to perform, so I thought I'd write a quick blog to explain the locations you should be aware of and how to change them.
Microsoft have announced the availability of Microsoft Forefront Threat Management Gateway (TMG) Release Candidate (RC). This is the final public release of TMG before it is made available to purchase. If you're considering upgrading your ISA Server to TMG, this means that you can start your deployment using the Release Candidate, and simply switch it to a licenced version with no additional configuration changes once the full release is available.
Attention all Vantage customers (and triallers). We've just released build 18.104.22.168 as an auto-update. This build includes new features such as scheduled data purge, support for Microsoft Forefront Threat Management Gateway, and scheduling CSV imports into your Organizational structure.
A great feature of Vantage Ultimate is its ability to publish reports and storages to the Web Module so that users can login, view their reports, and analyze data. But no one wants to have to remember yet another username and password combination to login to the Web Module, so make it easy on your users by using Windows Authentication. This way, as long as a user is logged into their Windows machine with their Windows domain username, they will sail straight into the Web Module without being prompted for a username or password.
Using Date Modifiers in file masks are a great way to increase the speed of your imports as they remove all the logs you don’t care about from the import list. If you're using WebSpy Vantage, you are probably interested in filtering your log file imports by date (only import files from the month of June for example). The obvious way to do this is to specify a date filter using the filters page in the Input Wizard. The problem is Vantage will still check every record in every log file being imported to see if it matches the date filter. If you have months or years worth of logs in the folder being imported, that's a lot of data that Vantage has to pointlessly sift through. The good news is, if your log files contain the date in their file name, then you can use file masks to instruct Vantage to never touch these unwanted files.
Here's a video I put together demonstrating how to get up and running with a complete monitoring and reporting solution in less than 15 minutes. The video demonstrates three products: WebSpy Sentinel, for complete data capture, WebSpy Live for real time alerts, and WebSpy Analyzer Standard for analysis and reporting.
A few customers have experienced some issues converting their ISA MSDE logs to text format using Microsofts MSDEToText.vbs script for ISA 2006. We've therefore created a modified version of the script that creates compatible log files for WebSpy software.
I was conducting a demonstration the other day on how to use a few tricks in WebSpy Vantage to filter out noise and clutter from web reports. If you have ever looked through the raw list of web sites visited by people in your organization, I'm sure you know what I mean. Watching a single video on YouTube will probably generate a list of about three to five sites such as lax-v41.lax.youtube.com, www.youtube.com, img.youtube.com, and so on. Your list of top sites also probably contains hits to ad servers and tracking servers, such as doubleclick.net, google-analytics.com and imrworldwide.com. All this clutter gets in the way of determining what sites were 'intentionally' visited.
I'm happy to announce the release of Vantage 2.2! All three products in the Vantage range (Premium, Giga and Ultimate) have been update with the following features: Multi-processing, Improved report styles, Updated Aliases and Profiles, Storage Repair Utility, Save / Open Tasks. Obviously, the multi-processing feature is the big one! Many of you (Vantage customers) have been running Vantage on multi-core or multi-cpu machines and just dying for Vantage to grab hold of the CPUs and make them work. You should be happy with this new build.
A couple of weeks ago I posted a blog regarding Microsoft's upcoming Beta 3 release of Forefront Threat Management Gateway (TMG) which will be replacing Microsoft ISA server. Well, it's now been released and can be downloaded from the Microsoft Download Center.