Today I was speaking to a customer that had the following reporting request. "I would like to know how much of my bandwidth is being eaten by each protocol. I will then use this information to determine if circuit may need to be increased due to increased traffic". This customer was collecting syslog messages from a Cisco Firewall, then using WebSpy Vantage to generate reports. There's a simpler method.
We've just released an auto update for WebSpy Vantage (Premium, Giga and Ultimate) as well as the Web Module. This is a great update for Vantage Ultimate users as we've introduced a new feature/tab into the Web Module called 'Dynamic Reports'. Here's the full list of changes since the last auto update (2.2.0.32 on the 14th April 2010).
We have just added support for the 'Group' field in IronPort's access logs. You can add this field to your logs by adding %g in the 'Custom Fields' edit box. We have also added support for the custom fields Body Request Size and Body Response Size.
Our support for Microsoft Forefront Threat Management Gateway is quite new and we’ve just fixed a couple of issues that we haven’t yet released as a public update yet. In particular, this update fixes the "specified cast invalid error" that occurs when importing the Web Proxy database logs.
Most of our customers using Microsoft ISA server are probably aware by now that Microsoft have released the new version of ISA server, which is now re-branded as Microsoft Forefront Threat Management Gateway (TMG). In addition to this, Microsoft has also re-branded its Internet Access Gateway (IAG) to Unified Access Gateway (UAG). […]
Now that Microsoft have officially released the long awaited Windows 7 Operating System, I thought I'd write a quick blog on WebSpy's current support for Windows 7.
In the log file analysis world, we're always dealing with large volumes of data. By default, WebSpy Vantage stores its data, including the storages that you import log files into, somewhere on your c: drive. Changing this location to somewhere with more disk space is therefore one of the first steps that customers like to perform, so I thought I'd write a quick blog to explain the locations you should be aware of and how to change them.
Microsoft have announced the availability of Microsoft Forefront Threat Management Gateway (TMG) Release Candidate (RC). This is the final public release of TMG before it is made available to purchase. If you're considering upgrading your ISA Server to TMG, this means that you can start your deployment using the Release Candidate, and simply switch it to a licenced version with no additional configuration changes once the full release is available.
Attention all Vantage customers (and triallers). We've just released build 2.2.0.8 as an auto-update. This build includes new features such as scheduled data purge, support for Microsoft Forefront Threat Management Gateway, and scheduling CSV imports into your Organizational structure.
Using Date Modifiers in file masks are a great way to increase the speed of your imports as they remove all the logs you don’t care about from the import list. If you're using WebSpy Vantage, you are probably interested in filtering your log file imports by date (only import files from the month of June for example). The obvious way to do this is to specify a date filter using the filters page in the Input Wizard. The problem is Vantage will still check every record in every log file being imported to see if it matches the date filter. If you have months or years worth of logs in the folder being imported, that's a lot of data that Vantage has to pointlessly sift through. The good news is, if your log files contain the date in their file name, then you can use file masks to instruct Vantage to never touch these unwanted files.