Hardware Question: 1-2 GB Syslog/Day
I'm evaluating the Firewall Analyzer. I downloaded the demo, installed and everything worked properly. The reports are nice - looks like a great product. I'm a bit concerned with performance though and I was wondering if you could rest my fears. We are collecting logs from a PIX 515e firewall. The unit is only sending about 1 gigbyte per day to the syslog server (using "informational" logging). That doesn't seem too extreme to me, but I can already see the server, after less than 24 hours, beginning
Network Traffic Summary by hosts
My company network is having PIX 501 (6.3) as firewall. I am evaluating this FA build 4002 from past two days. i want to know how to make a report for Internet Traffic details by host during certain period. I want to know details for Host wise Bandwidth usage and what protocol is utilising the most bandwidth for that host. thanks in advance
Cannot start firewall Analyzer after install
Hi, After i install fxa i got this error message. Failed to start server.. Attach is the error msg. Thanks for any help!
Syslog does not work in FW Analyzer
Hi Support, I am not able to receive syslog messages in Firewall Analyzer. Have configured my PIX firewall to work on port UDP 514, and a syslog server for the same poart has also been added in the Firewall Analyzer. If I start another syslog tool, it works perfectly fine!!! ---PIX config--- Syslog logging: enabled Facility: 16 Timestamp logging: enabled Standby logging: disabled Console logging: level informational, 57554 messages logged Monitor logging: disabled Buffer logging: disabled Trap logging:
LEA using R60
Good day, I set up the lea config and was able to pull the Cert, however nothing is reporting. Have full access to the Gateay. In the logs I can see the 'pull' but I do not see anything else. SecurPlatform R60 FW-1 NGX also tried on SecurPlatform R55 FW-1 NG-AI With same results Is there a way to force the pull of the logs? Thanks
Checkpoint R55
I am searching for a firewall log analyzer tools for the Checkpoint R55 when can i hope to test yours ?
FA 4002 crashes when setup an authenticated LEA-Connection
Dear FA-Support, after download and installing the new release 4002 of FirewallAnalyzer everything is fine. After setup the authenticated LEA-Connection the FA-Service crashes. Any idea?? Thx
FA4002 has problems on our linux server
We are running eval FA4002 on a Redhat ES linux server, the problem started even just after the installation, when I try to connect to port 8500, it give me a Apache error message, and uninstall and reinstall several times, finally, I can get the GUI, but sometime I got incorrect login by using the default password (I didn't change anything yet, after reboot the machine, I logged into the web interface, and configure the intranet IP, and started monitoring our cisco PIX firewall, it looked good for
Firewall Analyzer and Netflow Analyzer on same server
Hi, I have both Firewall Analyzer and Netflow Analyzer installed on my server. It's running Windows 2000 with Service Pack 4. I have 1 Gig of RAM with two Pentium 4 CPUs. Is this recommended? Can I run both or do you recommend having Firewall Analyzer and Netflow Analyzer on separate servers? The reason why I ask is Firewall Analyzer fails every 2-3 days. When Firewall Analyzer fails, Netflow Analyzer usually also fails. I would then have to run the StopDB.bat command for both applications in order
Traffic from published servers
Hi. I have downloaded Firewall Analyzer. It works fine, except fact I can't see traffic which is generated by my published servers. I have Fortigate 100A and few servers in my LAN which are seen on internet. From my www servers logs I see it generates a lot of traffic (few GB a day) but in FA I can't see that traffic. I see my mail traffic though. I configured my intranet settings with my LAN addresses, but it doesn't help. Should I add my public IPs to intranet settings? Regards Raistlin
Problems with Firewall Analyzer 4 Build 4002
Hello I am testing now the Firewall Analyzer for two weeks. But nothing works correctly. After five minutes nothing goes. The Firewall Analyzer receives the syslogs from the firewall, but the graphs will not be updated. I only see the first five minutes, when Firewall Analyzer was started. If I restart the Firewall Analyzer the graphs will be updated from the past syslogs, but after that, the graphs will not be updated again. For me it's very strange and I hope there is a solution for that problem.
import netscreen native logs
get the following message on native netscreen file import Below is the Sample Record of <Firewall Type> which the ManageEngine Firewall Analyzer Product does not support, 09-01-2005 00:00:00 xx.xx.xx.xx local0.info SiteName: NetScreen device_id=SiteName[Root]system-information-00536: Received an IKE packet on untrust from xx.xx.xx.xx:500 to xx.xx.xx.xx:500/104. Cookies: f724d720c0b645ee, cab75e35be3bb4e7. (2005-09-01 00:00:00)
Multiple Firewalls, Multiple Intranets
I have just begun eval of this product for use in our company's managed firewall infrastructure. So far I like what I see, but I have a question and I'm worried the answer is not going to be one that I like... We manage a variety of brands of firewalls for a multitude of companies and would like a way to centrally manage monitoring and reporting on the firewall logs. Currently, all the brands we manage are supported, so that isn't an issue. What is an issue is the "Intranet Settings" - I don't see
Native support for Netscreen logs.
Please make it a priority to add native support for Netscreen firewall logs. I've noticed a large number of Netscreen posts on this forum and we're running a Netscreen 208 here as well. The native log format has a ton more information than the WELF format. Thanks.
PDF creation fail
Hi, I am currently testing your product for managing 6 pix 6.3.X When i recieve a mail of report product with a zip file, the PDF inside is empty (size is 0). If i have a look to the server, all the pdf file are empty. On the web page, i found some report but if i click on the pdf icone on the upper right, a new page is opening but nothing appear. Do you have any idea ??? What am i doing wrong ? Thanks for your support. Steve Balon
Question regarding RADIUS imported file
Can I import a RADIUS CSV file into Firewall Analyzer from Cisco Access Control Server? Just wondering..... Thanks.
How to reduce Database size?
How to reduce Database size? I removed a lot of logs files. The database is still 4GB.
Archived Files Support
I am getting the following error Settings---> Archived Files--->Loading archives of [Cisco] is not supported. FA losses all data whenever its services are restarted.
Log FWSM into firewall analyzer 4
Hi all, I have some trouble testing Firewall Analyzer. I send logs of my Cisco FWSM to the server where Firwall Analyzer is installed on port 1514/UDP. I have found in the <archive> directory of the installation a sub dir with the IP of my firewall and inside this sub dir a log file with logs messages from my Cisco ... so everything seems to be be OK ...put on the HOME page the only message is "No firewall is currently exporting logs ..." Can somebody help me ? Regards
Change date and time range on default reports
Hi, I'd like to change the data and time range on the default reports so I can look at data during specific periods of time and specific dates. I can't seem to change that. The reports seem to report on the entire day. How do you change that? Thanks.
Unknown and Unassigned!?
How can there be Unknown sender/transmitter in traffic passing thru the firewall? Just for the records! Is it possible to show the port number related to the Unassigned text, so I can assigned the port to a relevant name! Ie. Tivoli using port 1918. As I Bjarne Helstrup Warming
No Data Available
Hello I am evaluating Firewall Analyzer and cannot make it working. After configured our Cisco PIX firewall, I do see it is transferring log data to Firewall Analyzer. But the dashboard is still showing No Data Available. Maybe I missed something. Please help. Attached is the support file. Thanks Sean
IPrism v4.0
Hi, Recently i've used St. Bernard Iprism version 4.0. As i noticed in your supported device list, this Firewall Analyzer can support Iprism appliance v3.2. Can F.Analyzer support version 4.0? Thankyou.
Firewall Analyzer 4 [build 4002] available
We are happy to announce the availability of ManageEngine Firewall Analyzer 4 [build 4002] The general features available in this release are included below, Feature Additions 1. The following reports have been added newly : * Attack Reports * Internet Reports 2. Global "Search" in the product. 3. Desktop Tray Icon for Windows. 4. Automatic web-client connection, using the default browser, once the server has been started. 5. URL reports for Cisco PIX. 6. HTTP and FTP URL reports. 7. Destination
Update Release
When is the next major update release planned for?
Processing Imported Log Files taking foreever
I've imported 20 (10 are 500Mb - 10 are 1.9Gb) syslog files into Firewall analyzer and it is taking forever to process the logs. Under the Import File Status Window - 6 have Imported Logs Completed, 4 have Generate Reports and 10 have Processing Request under status. It has been 4 days since I imported the log files; why does it take so long to process these logs I'm running Win2k3 SP1. Thanks.
cisco vpn client
Does the new version support in "Cisco vpn client" ? I don't get any report about the VPN clients. * I have pix506e, and the client working white "Cisco vpn client".
MySQL: where does syslog put incoming events into ? Table ?
I was wondering re syslog server - does it put everything it receives to mySQL database - if yes - what table does it use for it ? Alex
Tomcat erros on generating daily report
I have been evaluating Firewall Anaylzer 4002, on Windows 2003 Enterprise Edition(SP1 is not installed), for about a week now, and have liked its features and ease of use. This morning, however, when I went to generate a daily report, I was met with 500 errors and the following messages: type Exception report message description The server encountered an internal error () that prevented it from fulfilling this request. exception java.lang.NullPointerException com.adventnet.webclient.components.table.HeaderDataTag.doStartTag(HeaderDataTag.java:81)
Build 4002: Does it support VPN logs yet ?
Hello there, Just wondering if you have VPN logs enabled in your 4002 Build version? If yes - what should I specify on PIX in order to send them to FW Analyzer ? Thanks, Alex
why my firewall analyzer cannot receive syslog msg ?
i downloaded and installed adventNet firewall analyzer v4 build 4002 trial, but it cannot receive any msgs from my fwsm,syslog server port is 514 and 1514(when i shutdown firewall analyzer service and run my kiwi syslog daemon,syslog msg can be displayed by kiwi syslog daemon),wut's wrong with my firewall analyzer settings? below msg is my fwsm logging setting : logging on logging facility 20 logging timestamp logging trap informational logging host inside 192.168.2.33
Not receiving logs
Hi! When I found this program on internet (Firewall Analyzer), I was really excited because it offers much much more than any other similar program. But, I have some problems with it. When I installed trial version, and configured PIX firewalls to send logs to my computer, nothing happens... I checked port number, everything seems to be ok, but I still get the message: No firewall is currently exporting logs to Firewall Analyzer. But when I start some other logging program, I receive logs normally.
http://www.firewallanalyzer.com/
Maybe I'm forgetful or am thinking of something else, but I remember that the above link used to redirect to your website. Now, it goes to your competition! Just thought I would point it out.
Watchguard Configuration
Good Day, This looks very interesting. I would like to try my 2 Watchgaurd firewalls (V60, and Firebox X1000) Are these supported? Is there any documentation? I am willing to test this for you if not known. Thanks.
Demo version - unable to login
I have have installed the demo version 4 of FW Analyzer but when trying to use the web client to login and use the tool using the suggest 'admin' and Password combination it responds advising username / password invalid. I am unable to use the application.
Do I still need to apply a patch for FA 4002 for Cisco PIX?
I heard there is patch for FA4001 if the user want to use it with cisco pix firewall to fix the traffic in and out problem. How about the new version 4002? Do we still need to apply this patch or it already fixed in the new version? If we need to apply the patch, where can I get it for testing Thanks
History data graph gone
Hi, Firewall analyzer runs great with our cisco pix's. The only problem we have is we've lost our hitory graph data. After a specific date the Last Week, Month and Year graph is empty, although the Last Day graph has no problems. Any idea how to solve this problem? Greets
ISA/MS Proxy Server
Good Day, I have been evaluating your product for my Watchguard firewall, and noticed you support Squid Proxy. Is there a possibility in the roadmap of supporting ISA Server/MS Proxy Server?
sidewinder problem
Hello, is there a chance to change the device-type? cause we have a sidewinder firewall and Firewall Analyzer detects this as an Radius-Server. Danny
Unable to receive log from LEA Server
I have download eval of FW Analyzer 4.0. I follow the step to configure checkpoint lea server, but i still can not receive any log from checkpoint. Where i can get the error log for lea client (FW Analyzer)? There is another way to receive log using another format from checkpoint? Judge_Bow
Next Page