custom reports
Hi, I was just wondering if there is any way to get a custom report for a specific month on the data shown in live reports. I basically want to choose a month and see min, max and average traffic. thanks.
Admin Report
I would like to be able to schedule for the Admin Report to be emailed to me every day. I've looked through the filters, and the manual report generation, but have not been able to only receive the Admin Rerport. Any help would be greatly appreciated. --Samuel
Unsupported data log recived from ASA5510
Hello! I am testing FA and i configure my ASA to send message to FA. I set severity 20 and logging traaap infoormational ...I get the info Unsupported data log recived . I set the same on my PIX 6.3 and is working fine. What could be a problem?
Firewall List Sort Order
Hi, I've added some firewall and everything is going well loggin wise. The trouble I have is I did not enter the firewall in the order that I want to have them displayed in the list. Now that the firewalls are added to the list I cannot change this order or sort. Who do I do this? I can see where I'd add firewalls in the future and would want them in a certain location in the order rather than at the bottom of the list since it was the last to be added. Please help sort the list. Cheers, Markcnz
my opinion
It's nice
Adtran Netvanta 3448
I am trying to view reports from my netvanta 3448 Adtran firewall to the Firewall analyzer. However even though it is receiving the syslog (info) packets it isn't giving me any information in the traffic analysis. It analyzes about 2-4 of the lines and then just archives the rest. Is there something that I am missing and how can I extract the logs and send them so you can support Adtran Devices. Thanks a million so far the product looks like what I am looking for however I just need it to work for
How to monitor VPN sessions on Netscreen 50
Dear all, I have test FA4 for several days, and I can get some very useful reports. This is a great tool. But the most concern for us is VPN reports because our branch offices connect to H.Q. via VPN on Netscreen 50/5GT, of course including some VPN client users. How can we do it? Any comments are welcomed.
Cisco 8141 router
i am trying to use firewall analyzer with an 1841 router w/ firewall feature set. i can't get any data from the firewall to the FWA server...has anyone one this?
Does Firewall Analyzer support Netscreen SSG550?
Does Firewall Analyzer support Netscreen SSG550 firewalls? I try to import netscreen SSG550 env_log to Firewall Anyalyer But cannt see any Report , can you tell me how to do it?? Thank you
Uncatagorized/Unknown Services and Ports Help!
I have an issue with protocols catagorized as Unassigned and are listed as unknown. There virtually no information that shows what those ports are outside of the home page and clicking the question mark to list them. The problem is that there is no way to actually tie a particular unknown protocol or port to a specific report with that list. I am in the process of redesigning a firewall policy for 80 remote locations sharing one internet connection at one of the locations. I create a filter by network
Check Point LEA
Hello, I have a Check Point management stations with two attached R55 firewall clusters (two firewall members each cluster). The LEA communication to the management is working fine, but only one of the two firewall clusters is showing up in the reporting. Is there a limitation of firewalls (cluster) per management station? Thanks Christopher
Database creation failed
Hi, We had an instance of very high logging for a period of time. The data base has grown very large very rapidly. And also the server drive actaully ran out of space. Now the Firwall Analyser does not start. It reports "Database Creation Failed" How can we repair the database to get it running again? Also how do we prune the database? I have attached the log. Thanks Scotty
Raw Logs
I tried to extract one of the archived log files as per supports recommendation. The document was unreadable. Is there any way to view the raw syslog data collected. Is their a log file somewhere that I can grep for information?
fwanalyzer on windows issues
I have now been trying to test this application for couple weeks. I have it running on windows server 2003 enterprise with 4GiGs of ram & 830GiG's RAID 5 data storage. I am using the most recent version of fwanalyzer along with the mysql-nt.exe update that was in one of the other posts relative to windows issues. I have also made tweaks to the mysql configuration as per the performance info. We have all the data being output'd from a cisco fwsm to the fwanalyzer server. At midnight each night I have
Create Alerts for certain website access
How do I create an alert for access to certain websites, like YouTube? I tried creating it, by using URL starts with www.youtube.com, but its not working. I want to see how much traffic/bandwidth is used accessing some sites, and make a decision based on the results, wether it is affecting our overall bandwidth usage. Thank you. Marlon
Cisco VPN Concentrator - lack of log data
I am evaluating FA4 build 4030 and have a strange issue. My Cisco 3005 VPN Concentrator has been configured as specified (Syslog server address, port specified to match the syslog server on FA4, Severities 1-5 being sent to Syslog). However the only events that seem to get noticed/reported on in FA4 in my login to the VPN Concentrator console/gui. No other IPSEC/VPN communication gets logged. I have also enabled syslog to another device from the Cisco VPN I am getting a lot of information. What happens
Status 404 fw/mindex.do
For some reason after a new installation and starting the the application on a unbuntu server I get a Status 404. has anyone seen this. Could you provide some guidance as to what is going on.
Alerting on individual host download thresholds
Hi all, Firstly, thanks to the support team for identifying and fixing my earlier issue with unusual sent/received statistics. Im now wondering if it is possible to produce an alert that would identify individual hosts that have downloaded more than say 1GB per day. I realise it is possible to create an anomoly alert filtered by a network address but the alert created is triggered when the threshold is reached for the entire subnet. Not exactly what I expected but I guess it makes sense. What I would
Behind a Juniper firewall
Hello, Currently I am behind a Juniper firewall. Is this firewall supported through the software? If it is then I am in need of assistance I cannot get the software to recognize my firewall. Thanks, Travis
last hour
Is there anyway to drill down into the last hour?
Password reset
Hi, I need reset password for ME Firewall Analyzer v. 4, Trial vers. admin/admin combination did not work for me. Thank you for help Milan
Password needs to be reset
I reinstalled FWA and the password needs to be reset so I can login. Can you email my those instructions? Also, is there a license file I need so this software will run longer than the 29 days I saw when I selected the FWA? Chris
NoFirewall configured!!
I have configured my PIX 515E for FWA.The PIX is exporting the logs to the specified IP on UDP port 1514 but on deshboard it is showing No Firewall is currently exporting logs to FWA. Please help. THanks, gm
Microsoft Exchange traffic "unknown protocol"
Hello - I am testing Firewall analyzer for our Netscreen VPN deployment. This will consist of roughly 60 Netscreen devices varying from 5XP's to the newer SSG models. I have some questions: 1. Will the application run on a VMware virtual server running Windows 2003? 2. Does the Database clean itself up? Delete logs before the drive hits capacity? 3. We are running a pure route based VPN environment (no policy based VPN's). Do the VPN reports only function in a policy based environment? I am not seeing
Unusual Statistics - Cisco PIX
Hi there, I have been trialling the Firewall Analyzer as a tool for investigating internet abuse on our corporate network. My initial impressions of the product are good but there is something that is bugging me about the way sent/receive statistics are displayed. Basically, the UI displays hardly any sent traffic for any host with the exception of our Exchange server which is obviously sending mail to the outside world. My firewall is a Cisco PIX and I have read the configuration guidelines relating
Timestamps on website visits - using PIX 525
Trying to retrieve the timestamp details of websites visited by a single workstation. We are able to report on total duration, but can't seem to retrieve the timestamp details of when the websites were visited.
Unable to connect with localhost:8500
Hello, I downloaded the bin file and installed it under Fedora, the installation was fine, but the web page can't be shown with http://localhost:8500, I was afraid that the Apache service couldn't find the directory or the port, even I modified it, it still couldn't work, and there's no detailed information in the description, please give a hand, thanks alot!
netfilter support, really? doesn't seem that way
Not one post regarding netfilter/iptables. Thoughts?
After install will not start
When I try to start the trial version I get this. I tried to search the site but it seems to be broken. Press t to start the product in Evaluation mode l to provide the User Name and License File path e to Exit Choose an Option :: t ERROR CODE : 469 Invalid License File Please contact AdventNet, Inc. 5645 Gibraltar Drive Pleasanton, CA 94588 USA Phone: +1-925-924-9500 Fax : +1-925-924-9600 Email : info@adventnet.com WebSite : http://www.adventnet.com
Watchguard showing No Data
I am currently getting no data available for My Firebox 1250x with fireware 9.0. At one point i had data, just not live traffic and it was working fine. now I am getting no data. Went through a bunch of posts here and tried a few things with no joy. Any suggestions
Cisco VPNC issue
Please help, I could see log on Firewall Analyzer from Cisco VPNC. I have installed FA on my server and configure Cisco VPN Concentrator 3000 to send syslog on port 514 UDP. SAP3 is installed, FA build is 4030. There are files <Firewall Home>\server\default\archive\<IP of VPNC>. Date and time in those files match the system time. I can see packets by sniffer. I so not see VPNC as Device in Dashboard, so I can not see it in packet count. I attached support_file below. Thank you in advance, Vladimir
VPN Traffic not coming on dashboard
I am not able to see the VPN traffic running through my PIX firewall 515E. Also i am not able to see the Ougoing traffic. i configured as: logging host inside 192.168.1.X 17/1514 Please suggest
Firewall
how do i disable my wndows firewall ?
Unknown User ?
The USER field shows as unknown on every report. How do I link this to active directory or anything else to populated the column? Or am I misunderstanding the use of this field?
Define client VPN IP address range?
Hi All. I am collecting data from a cisco pix 515 firewall which is also used for client VPN's. The reports for VPN usage however do not show any data. Does anyone know how/where you can define what is classed as VPN client traffic? I simply want to differentiate normal traffic from my VPN users connecting, so that i can analyze the results correctly. Thanks
CISCO FWSM support
When you will support CISCO FWSM?
"Add Protocol" does not function
When I attempt to add an unknown protocol or modify an existing protocol I either get a mostly blank (except for a couple of html tags and the Add New Protocol title bar) pop-up window (no pop-up blockers running) and on occassion I may see a java exception error: type Exception report message description The server encountered an internal error () that prevented it from fulfilling this request. exception java.lang.StringIndexOutOfBoundsException: String index out of range: -1 java.lang.String.substring(Unknown
Reports doesn't take in count all my logfiles.
Hello, We are testing your product and are very interested however we are encountering problems. I'm importing a month of daily logfiles. The import is done localy and is not using Syslog server. I can see all my logfiles importing but the report is only showing th first 3 days of logs. Here under my parameter of StatDB.bat file : --innodb_buffer_pool_size=1024M --key-buffer-size=1024M --innodb_file_per_table --max_heap_table_size=512M --tmp_table_size=1024M --innodb_flush_log_at_trx_commit=0 --log-error
Firewall Analyzer on SSG520
Help Please i already configure ssg520 as per on insctructions on the site and install FA on my machine. Errors saying "No firewall is currently exporting logs to Firewall Analyzer" Anybody can help me, if this things work i will purchase the product. Thanks
Checkpoint multicast logs
I am observing logs from an external ip towards the destination----224.0.0.1 over port no. 2 now how can i know which subnet it is intended towards. Also what are the mitigating strategies on checkpoint firewall that i can use to block this traffic explicitly?
Next Page