Firewall Analyzer provides advanced search feature. Advanced Search, offers numerous options for making your searches more precise and getting more useful results. It allows you to search from the Raw Firewall Logs. Using this feature, you will be able to save the search results as Report Profiles. This provides a simplified means to create very precise, selectively filtered and narrowed down Report Profiles.
In Advance Search, you can search the logs for the selected devices, from the aggregated logs database or raw firewall logs, and define matching criteria.
In this section, you can choose the devices for which you want the logs to be searched. If no device is selected or you want to change the list of selected devices, select the devices.
The selected devices are displayed in this section.
In this section, you can select one from the two options:
Select this option if you want to search from the aggregated logs database.
Select this option if you want to search from the raw firewall logs. Selecting this option will enable the following options:
- Raw VPN Logs
- Raw Virus/Attack Logs
- Raw Device Management Logs
- Raw Denied Logs
Select the above logs options as per your requirement.
This section, enables you to search the database for attributes using more than one following criteria's:
|Protocol||Refers to the list of protocols and protocol identifiers that are
available in the Protocol Groups page (Settings >> Protocol
example: 8554/tcp, rtsp, IPSec
Refers to the source host name or IP address from which requests originated
|Destination||Refers to the destination host name or IP address to which requests were sent|
|User||Refers to the authenticated user name required by some firewall's
example: john, kate
|Virus||Refers to the Virus name.
examples: JS/Exception, W32/Mitglieder
|Attack||Refers to the attack name.
examples: UDP Snort, Ip spoof
|Device||Refers to the device from which logs are collected|
|Message||Refers to the log message texts stored in the DB|
To generate remote VPN users reports:
Raw Firewall Logs
Aggregated Logs Database
To save the search result as report profile, click Save as Report Profile link.
Schedule the report, if required by selecting Associate Schedule check box.
|You need to configure the mail server settings in Firewall Analyzer before setting up an email notification. You can do this from the Setup the Mail-Server Details link.|
In the Configure Columns pop-up screen you can select the required columns of the report. For example: User, StartTime, Time, and Duration. Here, Time represents EndTime of the VPN connection.