FA4002 has problems on our linux server
We are running eval FA4002 on a Redhat ES linux server, the problem started even just after the installation, when I try to connect to port 8500, it give me a Apache error message, and uninstall and reinstall several times, finally, I can get the GUI, but sometime I got incorrect login by using the default password (I didn't change anything yet, after reboot the machine, I logged into the web interface, and configure the intranet IP, and started monitoring our cisco PIX firewall, it looked good for
Firewall Analyzer and Netflow Analyzer on same server
Hi, I have both Firewall Analyzer and Netflow Analyzer installed on my server. It's running Windows 2000 with Service Pack 4. I have 1 Gig of RAM with two Pentium 4 CPUs. Is this recommended? Can I run both or do you recommend having Firewall Analyzer and Netflow Analyzer on separate servers? The reason why I ask is Firewall Analyzer fails every 2-3 days. When Firewall Analyzer fails, Netflow Analyzer usually also fails. I would then have to run the StopDB.bat command for both applications in order
Traffic from published servers
Hi. I have downloaded Firewall Analyzer. It works fine, except fact I can't see traffic which is generated by my published servers. I have Fortigate 100A and few servers in my LAN which are seen on internet. From my www servers logs I see it generates a lot of traffic (few GB a day) but in FA I can't see that traffic. I see my mail traffic though. I configured my intranet settings with my LAN addresses, but it doesn't help. Should I add my public IPs to intranet settings? Regards Raistlin
Problems with Firewall Analyzer 4 Build 4002
Hello I am testing now the Firewall Analyzer for two weeks. But nothing works correctly. After five minutes nothing goes. The Firewall Analyzer receives the syslogs from the firewall, but the graphs will not be updated. I only see the first five minutes, when Firewall Analyzer was started. If I restart the Firewall Analyzer the graphs will be updated from the past syslogs, but after that, the graphs will not be updated again. For me it's very strange and I hope there is a solution for that problem.
import netscreen native logs
get the following message on native netscreen file import Below is the Sample Record of <Firewall Type> which the ManageEngine Firewall Analyzer Product does not support, 09-01-2005 00:00:00 xx.xx.xx.xx local0.info SiteName: NetScreen device_id=SiteName[Root]system-information-00536: Received an IKE packet on untrust from xx.xx.xx.xx:500 to xx.xx.xx.xx:500/104. Cookies: f724d720c0b645ee, cab75e35be3bb4e7. (2005-09-01 00:00:00)
Multiple Firewalls, Multiple Intranets
I have just begun eval of this product for use in our company's managed firewall infrastructure. So far I like what I see, but I have a question and I'm worried the answer is not going to be one that I like... We manage a variety of brands of firewalls for a multitude of companies and would like a way to centrally manage monitoring and reporting on the firewall logs. Currently, all the brands we manage are supported, so that isn't an issue. What is an issue is the "Intranet Settings" - I don't see
Native support for Netscreen logs.
Please make it a priority to add native support for Netscreen firewall logs. I've noticed a large number of Netscreen posts on this forum and we're running a Netscreen 208 here as well. The native log format has a ton more information than the WELF format. Thanks.
PDF creation fail
Hi, I am currently testing your product for managing 6 pix 6.3.X When i recieve a mail of report product with a zip file, the PDF inside is empty (size is 0). If i have a look to the server, all the pdf file are empty. On the web page, i found some report but if i click on the pdf icone on the upper right, a new page is opening but nothing appear. Do you have any idea ??? What am i doing wrong ? Thanks for your support. Steve Balon
Question regarding RADIUS imported file
Can I import a RADIUS CSV file into Firewall Analyzer from Cisco Access Control Server? Just wondering..... Thanks.
How to reduce Database size?
How to reduce Database size? I removed a lot of logs files. The database is still 4GB.
Archived Files Support
I am getting the following error Settings---> Archived Files--->Loading archives of [Cisco] is not supported. FA losses all data whenever its services are restarted.
Log FWSM into firewall analyzer 4
Hi all, I have some trouble testing Firewall Analyzer. I send logs of my Cisco FWSM to the server where Firwall Analyzer is installed on port 1514/UDP. I have found in the <archive> directory of the installation a sub dir with the IP of my firewall and inside this sub dir a log file with logs messages from my Cisco ... so everything seems to be be OK ...put on the HOME page the only message is "No firewall is currently exporting logs ..." Can somebody help me ? Regards
Change date and time range on default reports
Hi, I'd like to change the data and time range on the default reports so I can look at data during specific periods of time and specific dates. I can't seem to change that. The reports seem to report on the entire day. How do you change that? Thanks.
Unknown and Unassigned!?
How can there be Unknown sender/transmitter in traffic passing thru the firewall? Just for the records! Is it possible to show the port number related to the Unassigned text, so I can assigned the port to a relevant name! Ie. Tivoli using port 1918. As I Bjarne Helstrup Warming
No Data Available
Hello I am evaluating Firewall Analyzer and cannot make it working. After configured our Cisco PIX firewall, I do see it is transferring log data to Firewall Analyzer. But the dashboard is still showing No Data Available. Maybe I missed something. Please help. Attached is the support file. Thanks Sean
IPrism v4.0
Hi, Recently i've used St. Bernard Iprism version 4.0. As i noticed in your supported device list, this Firewall Analyzer can support Iprism appliance v3.2. Can F.Analyzer support version 4.0? Thankyou.
Firewall Analyzer 4 [build 4002] available
We are happy to announce the availability of ManageEngine Firewall Analyzer 4 [build 4002] The general features available in this release are included below, Feature Additions 1. The following reports have been added newly : * Attack Reports * Internet Reports 2. Global "Search" in the product. 3. Desktop Tray Icon for Windows. 4. Automatic web-client connection, using the default browser, once the server has been started. 5. URL reports for Cisco PIX. 6. HTTP and FTP URL reports. 7. Destination
Update Release
When is the next major update release planned for?
Processing Imported Log Files taking foreever
I've imported 20 (10 are 500Mb - 10 are 1.9Gb) syslog files into Firewall analyzer and it is taking forever to process the logs. Under the Import File Status Window - 6 have Imported Logs Completed, 4 have Generate Reports and 10 have Processing Request under status. It has been 4 days since I imported the log files; why does it take so long to process these logs I'm running Win2k3 SP1. Thanks.
cisco vpn client
Does the new version support in "Cisco vpn client" ? I don't get any report about the VPN clients. * I have pix506e, and the client working white "Cisco vpn client".
MySQL: where does syslog put incoming events into ? Table ?
I was wondering re syslog server - does it put everything it receives to mySQL database - if yes - what table does it use for it ? Alex
Tomcat erros on generating daily report
I have been evaluating Firewall Anaylzer 4002, on Windows 2003 Enterprise Edition(SP1 is not installed), for about a week now, and have liked its features and ease of use. This morning, however, when I went to generate a daily report, I was met with 500 errors and the following messages: type Exception report message description The server encountered an internal error () that prevented it from fulfilling this request. exception java.lang.NullPointerException com.adventnet.webclient.components.table.HeaderDataTag.doStartTag(HeaderDataTag.java:81)
Build 4002: Does it support VPN logs yet ?
Hello there, Just wondering if you have VPN logs enabled in your 4002 Build version? If yes - what should I specify on PIX in order to send them to FW Analyzer ? Thanks, Alex
why my firewall analyzer cannot receive syslog msg ?
i downloaded and installed adventNet firewall analyzer v4 build 4002 trial, but it cannot receive any msgs from my fwsm,syslog server port is 514 and 1514(when i shutdown firewall analyzer service and run my kiwi syslog daemon,syslog msg can be displayed by kiwi syslog daemon),wut's wrong with my firewall analyzer settings? below msg is my fwsm logging setting : logging on logging facility 20 logging timestamp logging trap informational logging host inside 192.168.2.33
Not receiving logs
Hi! When I found this program on internet (Firewall Analyzer), I was really excited because it offers much much more than any other similar program. But, I have some problems with it. When I installed trial version, and configured PIX firewalls to send logs to my computer, nothing happens... I checked port number, everything seems to be ok, but I still get the message: No firewall is currently exporting logs to Firewall Analyzer. But when I start some other logging program, I receive logs normally.
http://www.firewallanalyzer.com/
Maybe I'm forgetful or am thinking of something else, but I remember that the above link used to redirect to your website. Now, it goes to your competition! Just thought I would point it out.
Watchguard Configuration
Good Day, This looks very interesting. I would like to try my 2 Watchgaurd firewalls (V60, and Firebox X1000) Are these supported? Is there any documentation? I am willing to test this for you if not known. Thanks.
Demo version - unable to login
I have have installed the demo version 4 of FW Analyzer but when trying to use the web client to login and use the tool using the suggest 'admin' and Password combination it responds advising username / password invalid. I am unable to use the application.
Do I still need to apply a patch for FA 4002 for Cisco PIX?
I heard there is patch for FA4001 if the user want to use it with cisco pix firewall to fix the traffic in and out problem. How about the new version 4002? Do we still need to apply this patch or it already fixed in the new version? If we need to apply the patch, where can I get it for testing Thanks
History data graph gone
Hi, Firewall analyzer runs great with our cisco pix's. The only problem we have is we've lost our hitory graph data. After a specific date the Last Week, Month and Year graph is empty, although the Last Day graph has no problems. Any idea how to solve this problem? Greets
ISA/MS Proxy Server
Good Day, I have been evaluating your product for my Watchguard firewall, and noticed you support Squid Proxy. Is there a possibility in the roadmap of supporting ISA Server/MS Proxy Server?
sidewinder problem
Hello, is there a chance to change the device-type? cause we have a sidewinder firewall and Firewall Analyzer detects this as an Radius-Server. Danny
Unable to receive log from LEA Server
I have download eval of FW Analyzer 4.0. I follow the step to configure checkpoint lea server, but i still can not receive any log from checkpoint. Where i can get the error log for lea client (FW Analyzer)? There is another way to receive log using another format from checkpoint? Judge_Bow
java + mysql error
Dear fwa support, We are currently running fwa in our environment, all is running fine. Except when we openend up our logfile serverout0.txt Every few mins it displays a java.exception error with the message of duplicate key or integrity check: [13:07:39:970]|[11-11-2005]|[SYSOUT]|[INFO]|[23]|: Caused by: java.sql.SQLException: Duplicate key or integrity constraint violation message from server: "Cannot add or update a child row: a foreign key constraint fails"| [13:07:39:970]|[11-11-2005]|[SYSOUT]|[INFO]|[23]|:
Unable to login / Java exception
Hi we are trying firewall analyzer overhere, but when the application is running for some time, the memory usage of the java.exe of the firewall analyzer application shoots to ~350mb plus the cpu usage to ~100%. The serverout log then gets filled with java.exceptions. [SYSOUT]|[INFO]|[17]|: [JBOSS] JBossManagedConnectionPool: Throwable while attempting to get a new connection: nullorg.jboss.resource.JBossResourceException: Could not create connection; - nested throwable: (java.sql.SQLException: Unable
several java errors
Hi, i get several java errors in some reports. first at the management home page: type Exception report message description The server encountered an internal error () that prevented it from fulfilling this request. exception java.lang.NumberFormatException: For input string: "0,10" java.lang.NumberFormatException.forInputString(Unknown Source) java.lang.Integer.parseInt(Unknown Source) java.lang.Integer.parseInt(Unknown Source) com.adventnet.fa.jsp.WEB_002dINF.jsp.trafficSummary_jsp._jspService(trafficSummary_jsp.java:2933)
Filtering at the Firewall Analyzer
Hi, I have use syslog-ng before and this freeware allow me to filter those PIX's syslog message that I do not want to appear in the log. Is there a similar feature for Firewall Analyzer? I cannot find this setting to disable the syslog with some parameter such as (udp/137, udp/139) - netbios port from appearing. There are too many valid deny messages for netbios appearing. Can this be turn off for the viewing as I want to see other real messages. Pls advise soonest.
Firewall Analyzer Build 4001 Released
Dear All, As a quick update before next release, we have released build number 4001 over Firewall Analyzer 4.0. Issues fixed in build 4001 over build 4000 are, Bug fixes: 1. Cisco PIX EMBLEM log format support. 2. Cisco PIX UNIX syslog format support. 3. Netscreen quot problem. 4. Wrong Hostname display in Top Inbound/Outbound Protocol drill down from Traffic Statistics table. 5. Additional default protocol addition. 6. Issue in protocol identification which caused unknown protocol. Note: There is
Data does not display
Hey guys, I'm not sure if this is a user problem, or an issue. What seems to be happening is that after about 24 hours of running not data is being graphed and tabled. I have checked in the packet count and the sysloger seems to be recieving packets. I will attach a screen shot of the home page I get. Brett...
Need some info regarding Firewall Analyzer
Hi Saravanakumar, Thanks for all the info. Here are my answers to your questions: 1) On the graphs we would like to see FQDNs and not the IP address. Can we do this with product when there is overlapping IP address? Please let me know. 2) How long will this take after we put in a purchase order? Thanks Guest Dear Guest, Thanks for giving us the excellent use case. After seeing this requirement, there might be two cases where we need some work to be done in Firewall Analyzer. Apart from those two,
Next Page