Our website requires you install or enable flash player for full experience, you can download flash player by clicking here.
Make sure you also have javascript enabled so that flash player & menus work correctly.

Get Adobe Flash player

What would you like to monitor?

For when WebSpyrians have something to say.

Page 1 of 3123»

Archive for the ‘Loaders’ Category

Vantage Update 2.2.0.68 (Exchange 2010, Juniper and IronPort Traffic Logs, and more)

Tuesday, January 25th, 2011

We have released an automatic update for the Vantage range of applications. This update includes some new loader formats, an experimental feature as well minor fixes and improvements.

Of note, this release includes full support for Microsoft Exchange 2010 Tracking logs (previously supported with the Exchange 2007 loader, but missing a few fields), as well as JunOS (Juniper) Traffic Logs, IronPort Traffic Monitor Logs and Squid Syslog. (more…)

Share|

Tags: , , , , , , , ,
Posted in IronPort, Loaders, Microsoft Exchange, Microsoft Threat Management Gateway, Software Updates, Vantage, WebSpy, WebSpy News Update | No Comments »

Vantage Update 2.2.0.55 (Clearswift, Palo Alto Networks, WatchGuard and more)

Tuesday, October 12th, 2010

We’ve just released an auto update for the Vantage software range. This release includes some new log format additions, and some fixes to existing formats. (more…)

Share|

Tags: , , , , , , , , , , , , , , , , ,
Posted in ClearSwift, Firewall Analysis, FlowMonitor, IronPort, Loaders, Log File Analysis, Microsoft ISA Server, Partners, Software Updates, Third Party, Vantage, WebSpy News Update, cisco | No Comments »

Vantage Update 2.2.0.51 (UrlCategory Fix for Microsoft TMG)

Thursday, August 26th, 2010

We have released an update to the Vantage range of applications to fix an issue with the Microsoft Forefront Threat Management Gateway (TMG) loader. (more…)

Share|

Tags: , , , , , , , ,
Posted in Loaders, Log File Analysis, Microsoft Threat Management Gateway, Software Updates, Vantage, WebSpy | No Comments »

Vantage Update 2.2.0.50 (Juniper SA, Forefront Protection and more)

Monday, August 23rd, 2010

We have just released an auto update for the Vantage range of applications. This update includes support for the Juniper SA series and Microsoft Forefront Protection for Exchange 2010.

Here’s the full list of changes:

  • New: Juniper SA Series. Vantage can import and report on web traffic and VPN connections.
  • New: Microsoft Forefront Protection for Exchange 2010 format.
  • New: Avencis SSOx.
  • Improved: IronPort WSA: Department and Message fields were sometimes returned as null. Fixed.
  • Improved: Microsoft FTMG: Removed usage of deprecated “FilterInfo” field from W3C Web format.
  • Improved: Microsoft IAS Radius: Added support for Source/Destination IP and port (field code 5000).

(more…)

Share|

Tags: , , , , , , ,
Posted in Loaders, Microsoft Threat Management Gateway, Software Updates, Vantage, WebSpy, WebSpy News Update | No Comments »

Vantage Update 2.2.0.48 – New Loaders, Features and Fixes

Thursday, July 29th, 2010

We’ve just released an update to the Vantage range of application, including the Web Module.

This release will be welcomed with open arms by many customers for the following reasons:

  • General usability improvements in the Web Module
    Multi-select / delete options, Ajax progress indicators to avoid page refreshes, export from Dynamics Report tab and more (see below)
  • Fixes to the Microsoft Forefront TMG loader
    See my other post: Microsoft Forefront TMG logs size fields the wrong way around. Also fixed ‘value cannot be null’ error when importing SQL logs.
  • Fixes to storage corruption issues
    This build should prevent ‘Normalization Index’ storage corruption issues from occurring. This often occurred after importing data, editing some log inputs and reimporting.
  • New loaders and more fixes
    See below for the full list

(more…)

Share|

Tags: , , , , , , , ,
Posted in IronPort, Loaders, Microsoft Threat Management Gateway, Reports, Software Updates, Vantage, Web Module, WebSpy, WebSpy News Update | No Comments »

Accessing Microsoft Forefront TMG’s Log Files (SQL Express)

Friday, June 11th, 2010

If you need to analyze and report on Microsoft Forefront Threat Management Gateway log files, the most common stumbling block is enabling access to the default SQL Express databases that contains the firewall and web proxy log files.

The log databases are stored in an SQL Express instance named MSFW. By default these databases cannot be accessed by a remote computer. I’d first like to say that we recommend changing TMG’s logging to W3C text files, as these logs are about 5-6 times faster to import, and you don’t need to worry about the steps below.

But if you need to stick with the SQL Express logging, here are the basic steps to enable access to the logs from a remote computer: (more…)

Share|

Tags: , , , , , , , , , , ,
Posted in Firewall Analysis, How To, Loaders, Log File Analysis, Microsoft Threat Management Gateway, Vantage, Web Browsing Analysis, WebSpy | No Comments »

Vantage Update 2.2.0.43

Thursday, May 20th, 2010

We’ve just released an auto update for WebSpy Vantage (Premium, Giga and Ultimate) as well as the Web Module.

This is a great update for Vantage Ultimate users as we’ve introduced a new feature/tab into the Web Module called ‘Dynamic Reports’.

If you’re publishing the same report to the Web Module each day, you can use the Dynamic Reports tab to select a date range and a department (or whatever organizational groups you have defined) and the Web Module will collate all the daily reports that match that filter into one report. This allows you to report on entire week, month or year by simply ‘reporting on reports’, rather than reporting months of raw storage data.

Here’s the full list of changes since the last auto update (2.2.0.32 on the 14th April 2010).

Application Changes

  • Added Dynamic Reports feature to the Web Module.
  • Rewrote the Web Module transfer protocol. New protocol adds version checking, connection checking, and integrity checking for high latency environments.
  • Purge data from storage task no longer prevents importing new hits when all data is removed from an input within a storage.
  • IPv6 addresses now show IPv4-mapped addresses as plain IPv4 addresses in summaries.
  • IPv6 and IPv4 addresses are now freely interchangable in filter expressions.
  • Fixed IPv6 drilldowns on the Summaries screen
  • SQL inputs can now be resumed from the previous position. Previously any input that was partially imported would be skipped when importing new hits.
  • Template-based analysis has been fixed, no longer results in blank/non-existent analysis.
  • Added new string manipulation functions to expression language; Contains, StartsWith, EndsWith, IndexOf.

Loader Changes

  • Astaro: Now checks that the ID field is present in a line before attempting to read it.
  • Barracuda Web Filter: Added this format to replace Spy Filter.
  • BlueCoat Proxy SG W3C: Added support for gmttime, timestamp, x-bluecoat-surfcontrol-is-denied and x-bluecoat-transaction-id.
  • ClearSwift: Added a new loader group for ClearSwift that includes the MimeSweeper loaders
  • ClearSwift SECURE Web Gatway: Now supported with the Web Appliance loader
  • Clearswift Web Appliance: User summary displays Source IP if Username is blank.
  • IronPort WSA: Fixed memory usage issues.
  • Microsoft FTMG: Added category name lookup to SQL loader.
  • Microsoft FTMG: No longer fails to import lines where the rule field contains square brackets.
  • Microsoft FTMG: URL Category field is now a string instead of an integer. Added URL Categorization Reason field.
  • Microsoft FTMG: Fixed memory usage issues.
  • Microsoft IIS W3C: No longer hangs or crashes when loading a file that isn’t IIS W3C.
  • NetAsq: Added support for srcname field. The Username summary is populated with user first, and then srcname if user is blank. The User summary is also now populated with Source IPs if the Username summary is blank.

To update WebSpy Vantage, simple select Tools | Check for updates.

To update the Web Module, login to the Web Module server, right-click the WebSpy system tray icon, and select Check for updates.

As always, please contact us if you have any issues or questions.

Share|

Tags: , , , , , , , , , , , , , , , , ,
Posted in IronPort, Loaders, Log File Analysis, Microsoft ISA Server, Microsoft Threat Management Gateway, Software Updates, Tips and Best Practices, Vantage, Web Module, WebSpy | No Comments »

Page 1 of 3123»