Different Platforms for Firewall Analyzer support
Dear Support, The product seems to be very promising. I wanted to know on what all platforms the software is available. We are particularly looking for the HP-Unix platform. Regards.
Quick import Squid log file
Hi, I've set the time interval to 60 min. for importing the log file from Squid to Firewall Analyzer by FTP. It works very well, but sometimes I can't wait for this interval and I need to run the import by hand. Is it possible? Thx, Milan
Service Creation Script for Linux
I'm fairly new to Manage Engine products and linux. I'm unable to get the default service creation script to work on RHEL 4.x. It appears that many of the links in the script reference incorrect directories. It also looks like there's some problems with the logic of the script. One of the problems I see is the script references the /etc/init.d directory when it's /etc/rc.d/init.d on my system. Another problem I did find was that it appears that it sets the service to run at Run Level 5. My installation
Restore a device
I accidentally deleted the wrong PIX from FWA. Is there a way to restore the device and data?
Alert Profile logs gone
Hi Everyone, I created this Alert for Top Host Received third week of August 2006 and so far the reports were sent to me via email and was successful. When I came in the office today (September 5, 2006) and checked the previous alert reported I was kinda surprised that the report generated in the web is back to zero. The logs that were generated for that span of time for the month of August were gone. Aside from receiving reports via email, I can also read the report via web by accessing the Manage
Live Report not quite right
We love the software, it works great. However, we are getting mixed results with the Live Report. It shows current traffic just fine, but historical is not so good. The week and monthly data stops recording all of a sudden. The data is coming in, it is reported in all other reports and screens. Just the historical data disappears. Sometimes it will start up again, and then stop reporting. Any ideas?
Warning Events
Hi Everyone, I'm a newbie when using this ManageEngine Firewall Analyzer. I need help. Please help me understand the messages below under the Warning Events. These are the messages generated with Warning Severity. a) %ASA-4-106023: Deny icmp src dmz:X.X.X.12 dst inside:X.X.X.10 (type 8, code 0) by access-group "dmz_access_in" b) %ASA-4-106023: Deny tcp src outside:X.X.X.69/80 dst inside:X.X.X.101/5775 by access-group "outside_access_in" c) %ASA-4-106023: Deny udp src outside:X.X.X.28/53 dst inside:X.X.X.100/1071
Virus report
Hi there, What traffic will trigger content in the Virus report? I had an attack yesterday but there is nothing in the report. Regards, Bjarne
Request New Feature for Log File Import in Linux - SQUID Prox
Most versions of Linux come with SQUID proxy server. ALL log files for ALL applications are stored in /var/logs and root access is required to import ANY log including the SQUID Proxy Log. Please add a run as root feature to the import of log files screen. Many thanks
Feature Requests: Config Options, Quick Search, Etc..
1) Quick Search: At a bare minimum I'd like to see a quick search bar at the top left where I can enter an ip address or host name and see all input/output and destination reports for that ip address or host name. It should try to resolve the IP address to the host name and vice-versa to match either type of entry in the logs. Right now if someone asked me what traffic I have for a specific server I don't know how I'd find that in the system. It would be nice if this search would also recognize protocols
Firewall Analyzer Report NTP Protocol as News
My Firewall Analyzer is connected to a Checkpoint Firewall using LEA. It is reporting News traffic, however when I look at this it is actually a server connecting to an Internet NTP (Network Time Protocol) server.
User Authentication Setup in Checkpoint R55
Hi, I want to install a rule for user authentication. Here is the setting: Source: AllUser@Host_A Destination: ServerB Service: Telnet Action: User Authentication Authentication Setting on Gateway: All checkboxes for "Enable Authenication Schemes" are checked. After installing the rule, I try to telnet to ServerB from HostA, but there is no prompt for username or password from the Firewall Gateway. But the message "Check Point Firewall-1 authenication Telnet server running on GatewayC" is displayed. When I check the
Problem in analysing Squid proxy logs
Hi, I have just downloaded the Firewall Analyzer software; from the looks it looks great. But I am facing one problem: when I FTP the log of Squid to the Firewall Analyzer software I am not able to see the report, nor am I able to see any device. Could someone help me in this regard? Thanks, Nick
Netscreen 204 firewalls
Does Firewall Analyzer support Netscreen 204 firewalls? I would like to evaluate this product for my 204's. Thank you,
Reliability of MySQL of FW Analyzer
Hello, Like to enquire about the reliability of the MySQL DB that runs in FW Analyzer. I'm evaluating FA Analyzer for 5 days. 2 Netscreen 25 firewalls & 1 Sonicwall IPS Pro3060 send their logs in Webtrends format to the FA. Today the FW Analyzer stopped working. I was not able to start the FA service again. Every unsuccessful attempt to start the FW Analyzer service will result in the event log having this message: There were 5 failed launches in a row, each lasting less than 300 seconds. Giving
Get unauthenticated LEA with CP working
Peoples - I've just downloaded the FWanalyzer - I'm trialing it, and need it to get the Checkpoint exporting logs interoperability working. I have looked at instructions, but still I'm getting "No firewall is currently exporting logs to Firewall Analyzer" on the home page. I've changed OPSEC.conf on the CP management machine as requested to lea_server port 18184 lea_server auth_port 0 Restarted the CP services. What are the next steps in detail that have to be done to get it to communicate UNauthenticated
Fortigate and Virus Reports
Hi, I'm on a trial with FWA for reporting Fortigate 200A as alternative to FortiLog. But I've found first problem: Virus Reports are not generated. Virus messages are classified for Security Reports. Message: host.domain.com Warning 1 8th Feb 2006, 11:45:00 The file price.zip is infected with W32/Bagle.DW-mm. ref http://www.fortinet.com/VirusEncyclopedia/search/encyclopediaSearch.do?method=quickSearchDirectly&virusName=W32%2FBagle.DW-mm. is on a List of Warning Events Generated. How to enable Virus
Unknown packet details for NS25. Record format unsupported.
Hello, I've 2 NS25 firewalls. Both firewalls are configured to point to 2 separate Syslog servers, a 3Cdaemon and ManageEngine FW Analyzer. However, the FW Analyzer is not able to display loggings from the NS25. Pls refer to the attached screen capture. Unsupported logging format it seems. However, the 3Cdaemon is able to capture. The FW Analyzer is able to capture & display from my Sonicwall device. The syslog config on the NS25 seems pretty straight-forward. Pls advise. Thanks.
High CPU usage when running FA
Running Firewall Analyzer and CPU usage spikes to 100% (java.exe). Is this normal or is there a setting I can change to fix this issue? Client: P4 2.4Ghz 1.25 GB RAM WinXP Pro SP2 Firewall Analyzer: v4.0.1 build 4012
What files can I delete to free up disk space?
After less than a week of firewall data, I'm using about 10GB -- so for the long term I have a couple questions: 1) Are there files that I can periodically delete to free up disk space? I am using Checkpoint logs with an LEA connection. After a couple days, some files showed up in the "Archived Files" section, so I deleted those. However, the majority of disk space is still being used up by files in the Firewall/server/default/archive directory. If the data is already in the mysql database, can these
Checkpoint Logging Stops at Midnight when NG Logs Rollover?!
Running Checkpoint NG. Got it working great yesterday after entering an absolute path to the opsec.p12 file in the conf file. Worked excellent all day yesterday, but at midnight (when Checkpoint rolls over to a new log file), all logging stopped abruptly. Deleting the Checkpoint firewall in Firewall Analyzer and re-adding it again this morning made everything start working again. What can I do to prevent this from happening every night at midnight? If I can get this product running smoothly, it would
NS25 and FA4 demo
Hello following my earlier 'guest' post I have been playing with the settings using both Syslog and Webtrends reporting from a Netscreen 25. You said I should only select one of these, so I have now selected Syslog on port 514. I have deleted the second syslog server running on port 1514. Is that normal? When I selected the Listening Ports option I had a number of 1514 and 514 ports listed. Also, the Live Report kbps graph doesn't seem to update the data line. The time grid moves with the clock,
Squid Imported logs schedule not working
I'm using the Firewall Analyzer trial since nearly a week now. I'm very impressed by this software and we are considering buying it. One point which interests us a lot is the Squid proxy analysis. So I have set up a log import every 10 min via FTP for my access.log, store.log and cache.log. It works fine, the only issue is: the schedule is not working. Any idea why? Anything I missed? Thanks, Vector
Netscreen 25
I just installed the demo of Firewall Analyzer to try with my Netscreen 25. Do I assume that I should select either Webtrends logging or Syslogging but not both?
When is Firewall Analyzer version 4020 coming out?
When is Firewall Analyzer version 4020 coming out? Within the next 2 months? I would like to know. Thanks!
Change alert emails
Is there any way to change the text sent out in an email alert? I'd like certain alerts to go to a pager, however I don't need all the text that gets sent out. In fact, with all the text, the part of the alert that I'm interested in is cut off on the pager. Thanks.
Configuration information
Could you send me the detailed Step by Step information to export Checkpoint NG & Squid proxy logs to the FW Analyser application. I have just downloaded the app & would like to test it.
More Squid proxy servers
Hi, I've 4 proxies in our WAN. When I'm using ftp for download log files from servers > I can see 4 different Traffic statistics. When I download 4 log files from servers to monitoring server /where I've Firewall analyzer/ and set 4 import logs record, I see only one Traffic statistic. Is it possible to see 4 different Traffic statistics when I've 4 log files at same server? Milan
Add PIX firewall
I've installed a trial ver of Firewall Log analyzer and I am trying to add a PIX firewall and I can't. How do I add a PIX firewall on the application to start seeing my logs? I am running build 4012. When the PIX firewall sends syslogs to Firewall Analyzer, in which directory are these logs stored? Please help
Can I view logs from a Catalyst 4500 series switch?
Hi, I was wondering if I can view the logs from a Catalyst 4500 series switch? My goal will be to run a server where I will be collecting logs from two firewalls and a switch. Thank you, Zahundas
Moving to a new server
Hi, What is best way to move the firewall analyzer onto a new server? thanks, Matt.
Unable to import log files from MS ISA 2000 Server
I have downloaded the FirewallAnalyzer. I installed the product in Win2K Server with SP4. I have MS ISA 200 Server acting as firewall. I have setup the ftp host to collect the log files generated by ISA. In FirewallAnalyzer, I setup the remote host (in import log file) pointing to the ftp host to retrieve the log files. I am able to login into the ftp host and able to select the directory which contains all the ISA log files. I setup the time interval to 60 minutes. The result is, FirewallAnalyzer
FA stops report again~
this happens often when the same version running at a PC, the first time yesterday after running at a DELL 2850 4Gram server. It has been good for more than 2 months before this happened. packet count keeps rising, database keeps storing, disk keeps becoming less, but report has no result~ checking the serveroute0.txt, I found lots of repeatings: ============================================ [08:50:24:638]|[07-07-2006]|[com.adventnet.fa.server.lc.TriggerTasks]|[INFO]|[20]|: Hei !!! Good Starting Generating
URL for NS 25
Hi, I am testing Firewall Analyzer. I have 2 NS 25. I am getting data from both NS to Firewall Analyzer. But in http traffic it shows only IP, it doesn't show any URL. Pls. let me know where I am making a mistake in configuration. Parag
PIX VPN Logging
Hello, We are a network consulting business. I have a customer with a pretty specific request for some Cisco PIX VPN tracking. I've downloaded a trial edition of the Firewall Analyzer. So far I'm really impressed with it and could see using it for many customers. I'm having some trouble though with the VPN reports and have some questions. 1. The VPN report shows my source IP address but is unable to display my username. What is the mechanism for resolving this? We use Windows IAS authentication which
Alert Profile
Dear Sir: My ManageEngine Firewall Analyzer's version number is 4012, Device is Fortigate 100A (2.80 MR11). The Fortigate is in NAT mode. I need to add an Alert Profile to detect high bandwidth loading. But there is no condition "TRAN_IP" in the Alert Criteria option. How can I add this? Thanks!
Installation Evaluation License Error
Hello, I'm attempting to install the Firewall Analyzer in Eval mode. I've uninstalled, reinstalled, etc. The database starts up, but when I try to start the client it asks for evaluation or location to license file. I select evaluation and it gives "Error Code: 517". The only thing I did during the install that was not standard was select a different drive "D: rather than C:" Suggestions?
Firewall analyzer installation
We have installed a trial ver of Firewall analyzer and when I click the Managefirewall analyzer 4 icon I get an error message saying "Unclean shutdoen of privious version". Please help
Barracuda Spam Firewall Log Analyzer
Hello Support, We have Barracuda Spam Firewall. We would like generate Reports from the message logs of Barracuda Spam Firewall per domains based. Is Adventnet coming up with Log Analyzer for Barracuda Spam Firewall ? I can provide sample message log file which it generates. Thanks and Regards, Yogesh Padharia
No Graph Data ..but some sometimes
I'm testing Firewall Analyzer 4 Linux (4012) and having problems. Some days it will show graphs and reports, other days it won't show any. I've checked and it's logging over 10,000 packets a day and it seems that Fri, Sat and Sun (least traffic intensive days) tend to be the days it shows the graphs and the rest of the week it won't. Any ideas? Regards.