Our website requires you install or enable flash player for full experience, you can download flash player by clicking here.
Make sure you also have javascript enabled so that flash player & menus work correctly.

Get Adobe Flash player

What would you like to monitor?

For when WebSpyrians have something to say.

Page 1 of 212»

Archive for the ‘IronPort’ Category

Vantage Update 2.2.0.68 (Exchange 2010, Juniper and IronPort Traffic Logs, and more)

Tuesday, January 25th, 2011

We have released an automatic update for the Vantage range of applications. This update includes some new loader formats, an experimental feature as well minor fixes and improvements.

Of note, this release includes full support for Microsoft Exchange 2010 Tracking logs (previously supported with the Exchange 2007 loader, but missing a few fields), as well as JunOS (Juniper) Traffic Logs, IronPort Traffic Monitor Logs and Squid Syslog. (more…)

Share|

Tags: , , , , , , , ,
Posted in IronPort, Loaders, Microsoft Exchange, Microsoft Threat Management Gateway, Software Updates, Vantage, WebSpy, WebSpy News Update | No Comments »

How much do IronPort WSA Appliances eat?

Friday, November 12th, 2010

If you are thinking about deploying IronPort Web Security Appliances you probably want to plan how much disk space to budget for with regards to logging and reporting.

Every organization is different with regards to the volume of logs it creates, but I’ve averaged three data sets submitted to us by customers to produce the following estimates. (more…)

Share|

Tags: , , , , , , , , , , ,
Posted in IronPort, Log File Analysis, System Administration, Tips and Best Practices, Vantage, WebSpy, cisco, storages | No Comments »

Vantage Update 2.2.0.55 (Clearswift, Palo Alto Networks, WatchGuard and more)

Tuesday, October 12th, 2010

We’ve just released an auto update for the Vantage software range. This release includes some new log format additions, and some fixes to existing formats. (more…)

Share|

Tags: , , , , , , , , , , , , , , , , ,
Posted in ClearSwift, Firewall Analysis, FlowMonitor, IronPort, Loaders, Log File Analysis, Microsoft ISA Server, Partners, Software Updates, Third Party, Vantage, WebSpy News Update, cisco | No Comments »

Advantages of using WebSpy with Cisco IronPort – New Video

Thursday, September 2nd, 2010

WebSpy has been working closely with Cisco and the IronPort team over the past few years to develop what we believe is the most intuitive, flexible and fastest reporting solution for Cisco IronPort users.

We’ve just completed our ‘WebSpy Reporting for Cisco IronPort’ video. Although this video is aimed at the Cisco channel we’d thought we share it with the rest of the WebSpy community as it provides a great high level overview of Vantage Ultimate’s ability to, not only import and spit out reports, but to learn about an organization’s structure in order to securely deliver the right report to the right person at the right time.

(more…)

Share|

Tags: , , , , , , ,
Posted in IronPort, Vantage | No Comments »

Vantage Update 2.2.0.48 – New Loaders, Features and Fixes

Thursday, July 29th, 2010

We’ve just released an update to the Vantage range of application, including the Web Module.

This release will be welcomed with open arms by many customers for the following reasons:

  • General usability improvements in the Web Module
    Multi-select / delete options, Ajax progress indicators to avoid page refreshes, export from Dynamics Report tab and more (see below)
  • Fixes to the Microsoft Forefront TMG loader
    See my other post: Microsoft Forefront TMG logs size fields the wrong way around. Also fixed ‘value cannot be null’ error when importing SQL logs.
  • Fixes to storage corruption issues
    This build should prevent ‘Normalization Index’ storage corruption issues from occurring. This often occurred after importing data, editing some log inputs and reimporting.
  • New loaders and more fixes
    See below for the full list

(more…)

Share|

Tags: , , , , , , , ,
Posted in IronPort, Loaders, Microsoft Threat Management Gateway, Reports, Software Updates, Vantage, Web Module, WebSpy, WebSpy News Update | No Comments »

Video: How to use WebSpy Vantage to report on IronPort log files

Friday, June 18th, 2010

I’ve produced a video on how to use WebSpy Vantage to report on IronPort’s Web Security Appliance’s access log files. It is quite a detailed look at the key tasks involved in setting up and using WebSpy Vantage with IronPort WSA access logs, and is therefore divided into several parts. The videos take you through the following activities:

  • How to import your log files and explore the information recorded by IronPort using the Summaries screen
  • How to open the customized IronPort Report Templates and Aliases
  • How to generate reports
  • How to import your organizational structure and report on departments
  • How to setup the Web Module and publish reports

(more…)

Share|

Tags: , , , , , , , , , ,
Posted in Aliases, Firewall Analysis, How To, IronPort, Log File Analysis, Reports, Scheduled Tasks, Tips and Best Practices, Vantage, Web Browsing Analysis, Web Module, WebSpy | No Comments »

Vantage Update 2.2.0.43

Thursday, May 20th, 2010

We’ve just released an auto update for WebSpy Vantage (Premium, Giga and Ultimate) as well as the Web Module.

This is a great update for Vantage Ultimate users as we’ve introduced a new feature/tab into the Web Module called ‘Dynamic Reports’.

If you’re publishing the same report to the Web Module each day, you can use the Dynamic Reports tab to select a date range and a department (or whatever organizational groups you have defined) and the Web Module will collate all the daily reports that match that filter into one report. This allows you to report on entire week, month or year by simply ‘reporting on reports’, rather than reporting months of raw storage data.

Here’s the full list of changes since the last auto update (2.2.0.32 on the 14th April 2010).

Application Changes

  • Added Dynamic Reports feature to the Web Module.
  • Rewrote the Web Module transfer protocol. New protocol adds version checking, connection checking, and integrity checking for high latency environments.
  • Purge data from storage task no longer prevents importing new hits when all data is removed from an input within a storage.
  • IPv6 addresses now show IPv4-mapped addresses as plain IPv4 addresses in summaries.
  • IPv6 and IPv4 addresses are now freely interchangable in filter expressions.
  • Fixed IPv6 drilldowns on the Summaries screen
  • SQL inputs can now be resumed from the previous position. Previously any input that was partially imported would be skipped when importing new hits.
  • Template-based analysis has been fixed, no longer results in blank/non-existent analysis.
  • Added new string manipulation functions to expression language; Contains, StartsWith, EndsWith, IndexOf.

Loader Changes

  • Astaro: Now checks that the ID field is present in a line before attempting to read it.
  • Barracuda Web Filter: Added this format to replace Spy Filter.
  • BlueCoat Proxy SG W3C: Added support for gmttime, timestamp, x-bluecoat-surfcontrol-is-denied and x-bluecoat-transaction-id.
  • ClearSwift: Added a new loader group for ClearSwift that includes the MimeSweeper loaders
  • ClearSwift SECURE Web Gatway: Now supported with the Web Appliance loader
  • Clearswift Web Appliance: User summary displays Source IP if Username is blank.
  • IronPort WSA: Fixed memory usage issues.
  • Microsoft FTMG: Added category name lookup to SQL loader.
  • Microsoft FTMG: No longer fails to import lines where the rule field contains square brackets.
  • Microsoft FTMG: URL Category field is now a string instead of an integer. Added URL Categorization Reason field.
  • Microsoft FTMG: Fixed memory usage issues.
  • Microsoft IIS W3C: No longer hangs or crashes when loading a file that isn’t IIS W3C.
  • NetAsq: Added support for srcname field. The Username summary is populated with user first, and then srcname if user is blank. The User summary is also now populated with Source IPs if the Username summary is blank.

To update WebSpy Vantage, simple select Tools | Check for updates.

To update the Web Module, login to the Web Module server, right-click the WebSpy system tray icon, and select Check for updates.

As always, please contact us if you have any issues or questions.

Share|

Tags: , , , , , , , , , , , , , , , , ,
Posted in IronPort, Loaders, Log File Analysis, Microsoft ISA Server, Microsoft Threat Management Gateway, Software Updates, Tips and Best Practices, Vantage, Web Module, WebSpy | No Comments »

Page 1 of 212»