Supported Log File Formats

Transcription

1 Supported File Formats Vendor/Product Format Analyzer Standard Analyzer Premium & Analyzer Giga Vantage & Vantage Giga 3Com 3Com 8e6 R2000 8e6 R3000 Aladin Esafe Blocked s Allied Telesyn ATI Level 3 Switch Model 9812 Apache HTTP Server - Access No No Yes No Applied Data Control Native Arkoon SMTP No Yes Yes Yes Arkoon Web (WELF) Arkoon Arkoon Live Yes *New Yes *New No Yes *New Astaro Native Syslog 3 Avirt Proxy Native AVM AVM Ken! Yes *New Yes *New No Yes *New Barracuda Networks Barracuda Networks Spam (CSV Format) Spam (Syslog Format) Bintec VPN Bintec VPN 25 No No Yes No Bloxx Proxy Server W3C Proxy SG Common Proxy SG Squid Native Proxy SG W3C Instant Messaging W3C Websense BlueReef Virtual Server SQUID Native Borderware Yes Yes Yes *New Yes Borderware Direct Packet Borderware Mail Yes Yes Yes *New Yes BT Proxy Native CacheFlow Proxy Squid CacheXpress Squid CC Proxy Native Yes 1 Yes Yes Yes Checkpoint -1 Yes 1 *Mod Yes *Mod Yes No

2 Checkpoint Custom Yes 1 *Mod Yes *Mod Yes No Checkpoint NG Yes 1 *Mod Yes *Mod Yes No CipherTrust IronMail Cisco Cisco Cache Engine Cisco Pix Cisco ASA Yes *New Yes *New Yes Yes *New Cisco IOS Cisco Cisco Clavister ConSeal Switching Module VPN Concentrator Clavister Conseal No No Yes No Yes *New Yes *New No Yes *New ContentKeeper ARM ContentKeeper ContentKeeper Syslog CProxy Native CSM Blocking Yes 1 Yes Yes Yes CSM Proxy Yes 1 Yes Yes Yes Cyberguard Native Yes 1 Yes No Yes Custom Text files Dameware Dameware Mini Remote Control DansGuardian Native Yes 1 Yes Yes Yes DrayTek Vigor 2200E Yes *New 1 Yes *New No Yes *New Exim Exim v4.6 No Yes Yes *New Yes Exim Exim v3.0 No Yes Yes Yes Exinda Daily Finjan Finjan Vital Security W3C Vital Security NG-5100 Yes *New Yes *New No Yes *New Fortinet Syslog Fortinet WELF FT Gate Webserver FT Gate Proxy FT Gate Mail Gateway No Yes Yes Yes Gauntlet Native Yes 1 Yes No Yes GNAT Box Gnat Box Custom Yes 1 Yes No Yes

3 Format GNAT Box Gnat Box 3 Yes 1 Yes No Yes IBM IBM Inferno Nettverk Dante Yes *New Yes *New No Yes *New Interquick Native IPSwitch imail Server No Yes No Yes ISS Proventia Jana Proxy Native JBoss Proxy Common No No Yes No Jive Jive Wildfire Yes *New Yes *New No Yes *New Juniper Juniper M20 Yes *New Yes *New Yes Yes *New LinkSYS LinkSYS Router Lotus Domino Webserver - Native log MailGate MailGate RQ Mailtraq Native McAfee WebShield MDaemon Statistics No Yes No Yes MDaemon Native No Yes No Yes Mecure Mail Server Native No Yes No Yes Microsoft Exchange 5.5 No Yes Yes *Mod Yes Microsoft Exchange 2000 No Yes Yes *Mod Yes Microsoft Exchange 2003 No Yes Yes *Mod Yes Microsoft IAS Radius Text Microsoft IIS Native Microsoft IIS NCSA No No Yes No Microsoft IIS W3C Yes Yes Yes yes Microsoft IIS SQL Database No No Yes No Microsoft IIS SMPT W3C No Yes Yes Yes Microsoft Internet Connection Microsoft ISA Server Microsoft ISA Server Microsoft ISA Server 2 Microsoft ISA Server 4 Native No No Yes No ISA Server file format (2000, 2004 & 2006) W3C file format (2000, 2004 & 2006) SQL Database (2000, 2004 & 2006) MSDE Database (2004 & 2006) 4 Yes *Mod Yes *Mod Yes *Mod No Yes 4 *Mod Yes 4 *Mod Yes 4 *Mod No Microsoft Proxy Native Yes 1 Yes Yes *Mod Yes Microsoft Proxy W3C Yes 1 Yes Yes *Mod Yes Microsoft Windows Event s Direct PC Connection Midpoint Native MIMESweeper MAILSweeper No Yes Yes Yes

4 MIMESweeper MIMESweeper MSN Messenger MIMESweeper for Web WEBSweeper (4.0 and below) Saved Conversation File Yes Yes Yes *New Yes N2H2 N2H2 v1.0 N2H2 N2H2 v2.0 Netasq Native NetCache Common Yes 1 *Mod Yes *Mod Yes Yes *Mod NetCache Netscape Yes 1 *Mod Yes *Mod Yes Yes *Mod NetCache W3C Yes 1 *Mod Yes *Mod Yes Yes *Mod Netgear FVL328 Netgear FVS318 Yes *New Yes *New Yes Yes *New Netgear Security Yes *New Yes *New Yes Yes *New Netintact Packetic Yes *Mod Yes *Mod No Yes *Mod NetProxy Native Netscape Native Netscape Messaging Service NetScreen NetScreen 10 NetScreen NetScreen 3 NetScreen NetScreen 50 NetSpective Native No No Yes No NetTracker Native Netwall Native Nortel Contivity Yes *New Yes *New No Yes *New Novell BorderManager Native Yes 1 Yes Yes Yes Novell BorderManager Connection Yes 1 Yes Yes Yes Novell BorderManager Extended Yes 1 Yes Yes Yes Novell Groupwise Novell Groupwise Groupwise Text Groupwise AntiSpam No Yes Yes Yes Novell ichain W3C Novell NSure Audit Novell Yes Yes No No BorderManager - MySQL Database Novell Volera Text Yes *Mod Yes *Mod Yes Yes *Mod Novell Volera W3C Yes *Mod Yes *Mod Yes Yes *Mod Novell Zenworks Rouge Process Yes *New Yes *New No Yes *New Pi-Soft Consulting, LLC Spoon Proxy PostFix Mail Server Native No Yes No Yes PostOffice Native No Yes No Yes Pro FTP Native Proxy Plus Native ProxyNow! Native

5 QMail Native No Yes No Yes Raptor Research Machines Rhino Soft RouterOS Server RM SmartCache Allegro Surf Proxy SQUID Native Safe Protect Bellerophon Sambar Proxy Sendmail Native No Yes No Yes Sidewinder Web Filter (v5.0 BETA) Virus (v5.0 BETA) Mail Filter (v5.0 BETA) Event Mail Filter Security Traffic Virus VPN Web Filter WT Syslog (WELF) Yes *New Yes *New Yes *Mod Yes *New SmartFilter Native Smoothwall No No Yes No Smoothwall Guardian 5 Smoothwall Proxy SonicWall Native Yes 1 Yes Yes Yes Squid Proxy Common Yes 1 *Mod Yes *Mod Yes Yes *Mod Squid Proxy N2H2 Yes 1 Yes Yes Yes Squid Proxy Native Yes 1 Yes Yes Yes Monitor log Yes 1 Yes Yes Yes RT log Yes 1 *New Yes Yes Yes

6 Security log Yes 1 Yes Yes Yes Syslog Yes 1 Yes Yes Yes Syslog v4 Yes 1 Yes Yes Yes Stonesoft Stonegate Yes *Mod Yes *Mod Yes Yes *Mod Sun Microsystems Sun One Webserver Yes *New Yes *New Yes *New Yes *New SyGate Proxy Yes 1 Yes No Yes SyGate NAT Server Symantec SGS 5640 Symantec SGS 5620 Yes *New Yes *New No Yes *New Symantec SGS 5400 Yes *Mod Yes *Mod No Yes *Mod Symantec Web Security Symantec SGS 8.0 Symantec Trend Micro IMSS Enterprise Messaging Security Trend Micro InterScan Web Manager Trend Micro InterScan Virus Wall Trend Micro IWSS Access Trend Micro IWSS Trend Micro IWSS Performance URL Blocking Trend Micro IWSS Virus Vicomsoft Webcache Visnetic Mail Server No Yes No Yes Watchguard Fireware Pro - XML & Text s Watchguard Vclass Appliance Syslog Yes 1 *Mod Yes *Mod No Yes *Mod WebSense Native WebSpy Sentinel FlowMonitor Sentinel WebSTAR Proxy Server WebWasher SQUID Additional WebWasher AntiVirus SMTP No Yes No Yes WELF WELF Wingate Native WinProxy Native Winroute Winroute Pro Web Winroute Pro Mail No Yes No Yes Zackware spie Native Format No No Yes No

7 Zyxel *New *Mod support has been added since the last public software release. Contact WebSpy Support to obtain the latest loader file. support has been modified since the last public software release. Contact WebSpy Support to obtain the latest loader file. Format includes support for more than one protocol. Analyzer Standard will not import mail data. Extra configuration of your SQL server database is required. Click here to download the white paper. Realtime monitoring of Astaro log files is only available via the Syslog function. ISA's MSDE database is secured from network access be default. Configuration changes are required to import ISA MSDE log information into a WebSpy application running on a remote workstation. Click here to download the white paper. Please note: WebSpy products import information from log files produced by your gateway, proxy or firewall product. Some of the above products require a third party product such as a syslog daemon to produce these log files. Please check your product's documentation with regards to it's logging abilities and requirements. There may be some log file versions or formats created by the above logging devices that are not supported. If you have trouble importing your log files, please contact WebSpy Support.