Astaro Security Gateway devices are capable of producing some very detailed log files including full URLs, usernames, categories, block action and reason which gives you some great reporting options in WebSpy Vantage.
Take a look at our dedicated Astaro pages to get an idea of what can be achieved when analyzing Astaro Web Gateway log files with WebSpy Vantage.
I’ve created some quick videos to show you how to enable the correct logging options on the Astaro Security Gateway appliance, how to import these log files into Vantage, and analyze the data on the Summaries screen.
The best way to configure logging is to setup a 3rd party syslog server (such as Kiwi Syslog) on a machine in your network, then configure the Astaro Security Gateway to send syslog messages to that server. The syslog server then creates log files that can be imported into WebSpy Vantage. This video takes you through that process.
Importing and Analyzing Astaro logs
Once you have successfully configured syslogging on your Astaro Security Gateway, you can import the log files into WebSpy Vantage and analyze activity on the Summaries screen. This video takes you through that process.
We intend to make some Astaro specific report templates available on our Astaro How To page soon.
Until then, feel free to create your own templates, or modify our existing web reports to include the extra goodies contained in the Astaro logs.
TIP: To modify an existing web report, right-click the report and choose ‘Duplicate template’. Then choose the “Astaro Security Gateway – Filter with category” schema. You’ll then have a report template that you can modify to include all the Astaro summaries, such as Actions and Categories.
If you need some assistance getting the report(s) you need, feel free to contact me, or firstname.lastname@example.org.