RE: Log Files

• From: "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Wed, 17 Dec 2003 21:18:06 -0600

Hi Joseph,
 
Great!
Thanks!
Tom

  _____  

From: cismic [mailto:cismic@xxxxxxx] 
Sent: Wednesday, December 17, 2003 3:07 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Log Files
Sensitivity: Confidential


http://www.ISAserver.org

Hi All,
 
Log files are not only important to identifying visits to a site but to
help identify weather or not you have malicious activity going on.
I'm not a firm believer in writing directly to an ODBC db source from
within ISA and have created scripts to assist me with
importing scripts into my db.  I've been working on these tasks for 2
years now.  Learning a lot about ISA in the process.
 
Script 1:  Moves the log files to another location daily that's if you
haven't setup a location different then the defaults and
               set them up to use appropriate security access.
 
Script 2:  Imports the Web Proxy Logs
 
Script 3:  Imports the Firewall Logs
 
Script 4:  Imports the packet filter logs
 
Script 5:  Process the event logs,( System, Security and Application)
then imports into the Db
 
Script 6:  Imports Exchange server logs
 
Script 7: Imports FTP Logs
 
Script 8: Imports RRAS information
 
Ok, you say, where are these wonderful scripts??  Well, I will send them
To Jim Harrison for posting on his site on Christmas Eve
at least that's what William would like for Christmas.  And they will be
available on my site http://www.stat-sphere.com after I get the rewrite
and 
new graphics done before the end of the year.  I have my hands full!
 
Scripts by the way is just half the battle.  I have SQL functions that
parse the data into daily, weekly, monthly and yearly process.
Hits by browser, country, user agents etc.  If any of your are running
IIS 5.0 or IIS 6.0, I plan on releasing a version of
http://www.stat-sphere.com
code where you can plug in the various modules that I've been working on
the past 2 years.  
 
Thank you,
 
Joseph
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » RE: Log Files
• » RE: Log Files
• » RE: Log Files
• » RE: Log Files
• » RE: Log Files
• » RE: Log Files
• » Log Files
• » RE: Log Files
• » RE: Log Files
• » RE: Log Files
• » Log Files
• » RE: Log Files
• » RE: Log Files
• » RE: Log Files
• » Log Files
• » Re: Log Files
• » Log Files
• » Re: Log Files
• » Re: Log Files
• » Re: Log Files
• » Re: Log Files
• » RE: Log Files
• » RE: Log Files

1. Home
2. isalist
3. Archive
4. 12-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---