Re: How to analyze ISA Logs
- From: Jim Harrison <jim@xxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Tue, 02 Sep 2003 21:22:24 -0700
First, read the ISA help which describes most of the log entries and what they
mean to ISA.
Second, read this KB, which fills in some of the missing pieces:
http://support.microsoft.com/default.aspx?scid=284818
Third, play with a free log analyzer (htp://isatools.org lists one)
Fourth, (anybody remenmber that link I sent out for log forensics?)
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
http://isatools.org
Read the help / books / articles!
On Wed, 3 Sep 2003 10:50:38 +0800
"Lian Wee LOO" <lwloo@xxxxxxx> wrote:
http://www.ISAserver.org
How to analyze ISA IP, WEB and PROXY logs? My IP logs always very huge, and
I am not sure whether the traffics coming from internal or external. Please
advice. Thanks in advance.
best regards,
lwloo 2k'3
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*
All mail from this domain is virus-scanned with RAV.
www.ravantivirus.com
^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*
Other related posts:
