15 02, 2016

Creating a Remote Desktop Report (RDP Connections) with WebSpy Vantage

By | 2016-02-15T06:31:35+00:00 February 15th, 2016|Articles, Firewall Analysis, How To, Log File Analysis, Microsoft Threat Management Gateway, System Administration, Tips and Best Practices, Uncategorized, Vantage, WebSpy|Comments Off on Creating a Remote Desktop Report (RDP Connections) with WebSpy Vantage

This article walks through the process of using WebSpy Vantage to create a comprehensive Remote Desktop Report by extracting information about remote desktop sessions (RDP) from your firewall log files. I'm using Firewall logs from Microsoft Forefront TMG, but you could just as easily use logs from other firewalls, such as the packet filter logs from Sophos UTM, or connection end events from Cisco ASA. The general process is the same. Let's get started.

14 12, 2015

A Complete Guide to Useful Reverse Proxy Reporting

By | 2015-12-14T09:26:41+00:00 December 14th, 2015|Aliases, How To, Log File Analysis, Microsoft Threat Management Gateway, Reports, System Administration, Tips and Best Practices, Uncategorized, Vantage, WebSpy|Comments Off on A Complete Guide to Useful Reverse Proxy Reporting

Reverse proxy reporting (using WebSpy Vantage Ultimate) is a great way to gain insight to how the Internet is using your published web sites or web applications. Forward proxy reporting is all about the users accessing content on the Internet from within your corporate network. Reverse proxy reporting is the opposite. When you have a [...]

7 09, 2015

Optimizing Log File Size For Analysis And Reporting

By | 2015-09-07T17:13:06+00:00 September 7th, 2015|Astaro, ClearSwift, Email Analysis, Employee Internet Reports, Firewall Analysis, How To, Log File Analysis, Microsoft Exchange, Microsoft IIS, Microsoft ISA Server, Microsoft Threat Management Gateway, System Administration, Tips and Best Practices, Uncategorized, Vantage, Web Browsing Analysis, WebSense, WebSpy, Windows Event Logs|Comments Off on Optimizing Log File Size For Analysis And Reporting

Firewalls and proxies generate a lot of log data. Multiple gigabytes per day are commonplace now. The log files themselves are generally simple flat text files. Their size comes from the sheer volume of entries, not from being rich data types. The log file size not only consumes disk space during logging, storing, and archiving, but [...]

22 09, 2014

Aliases are awesome. See why you should use them!

By | 2014-09-22T23:51:04+00:00 September 22nd, 2014|Aliases, Employee Internet Reports, How To, Log File Analysis, Microsoft Threat Management Gateway, Reports, Tips and Best Practices, Uncategorized, Vantage, Web Browsing Analysis, WebSpy|Comments Off on Aliases are awesome. See why you should use them!

What is an Alias? As defined by Google, in computing terms, an alias is: An alternative name or label that refers to a file, command, address, or other item, and can be used to locate or access it. When it comes to WebSpy Vantage, an alias takes log data that does not make sense and [...]

25 08, 2014

Rethinking Log Storage and Archiving with Data Deduplication

By | 2014-08-25T07:51:10+00:00 August 25th, 2014|Log File Analysis, Microsoft Threat Management Gateway, storages, System Administration, Uncategorized, Vantage, WebSpy|Comments Off on Rethinking Log Storage and Archiving with Data Deduplication

As a typical IT department, we log a lot data. Loads of it. Thanks to various regulatory requirements, we need to log more and more data from more and more sources. That's a lot of mores! We are also required to mine more information from those logs, and need keep these logs in their original form for [...]