Hi Ram, I'm not a fan of using the ODBC drivers directly from within ISA. I prefer moving my logs to a "secure" location. Where I have processes that read those logs and then place into an SQL database. Packet Filter will be different then the webproxy and firewall logs. The webproxy and firewall logs have the same format. PACKET FILTER: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/isa/isa logfields_8okz.asp WEBPROXY/FIREWALL: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/isa/isa logfields_8okz.asp I've not seen Sql 2000 blatantly put extra characters at the end of fields when using the isa odbc driver. If a field is defend at 50 varchar or nvarchar and if you place 10 in that field then the field length should be variable. If you do this simple statement from the SQL Northwinds database: SELECT LEN(CompanyName) AS 'Length', CompanyName FROM customers You will see the variable length of the CompanyName. When you just query with in QSQL the width on the screen will be the width of each field in the database thus making it look like extra characters have been placed on the field. 100 CLIENTS can be handled by ISA quite well. It will generate some larger log files that you will have to filter. Joseph -----Original Message----- From: Ramakrishna Y [mailto:ram@xxxxxxxxxxxx] Sent: Monday, December 22, 2003 3:25 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Packet log for all clients http://www.ISAserver.org Hi Joseph Why Iam preferring to put the log info into the database is, we can build reports with simple SQL statements. That's the only reaon. But my main question was will all 3 types clients are generating different formats. I want it to be in WebProxy format so that I can analyze it clearly. I did not understood "Have you done an sql length of the database field in question against the actual data". My site will be normally busy very much. I've around 100 clients sharing the network. So is this the reason? Regards Ram ----- Original Message ----- From: "cismic" <cismic@xxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Monday, December 22, 2003 3:38 PM Subject: [isalist] RE: Packet log for all clients > http://www.ISAserver.org > > Hi Ram, > I like setting up the logs to log the maximum type of data. The web > proxy log has a different format then the packet and firewall logs. In > my back to back system. When I add the data to the sql database I > identify what machine the logs are coming from. > > I'm not a big fan of logging directly to the sql database. I like > moving my logs to a secure "undisclosed location" and then process > those into sql. I remove all trailing chars. I'm not sure what is > happening to your logs with the varchar. Have you done an sql length > of the database field in question against the actual data? > > And, yes if your site is busy it can occupy the logs very quickly. > > Joseph > > -----Original Message----- > From: Ramakrishna Y [mailto:ram@xxxxxxxxxxxx] > Sent: Sunday, December 21, 2003 10:50 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] Packet log for all clients > > > http://www.ISAserver.org > > Hi, > > Will ISA log all the packets into log files for all types of > clients(WebProxy, SNAT, Firwall Client)? I could see different formats > for each of them. WebProxy client logs are fine. I want all those > details which are there in WebProxy clients for the other type of > connections also so that I can give a detailed reporting of the sites > visited also..Will this be possible with ISA Server? > > Also I need a clarification. I've configured ISA reporting to ODBC > (SQL Server). While testing for 10 mts, the database has gone to 50MB. > When I check the database, all the values are filled with trailing > spaces as if the datatype is CHAR type. But the datatype defined was > VARCHAR only. Why all the trailing spaces are going to database? If > I've a field of length 128, and the value is only 50 characters, I > could see remaining 78 characters as spaces. Any idea how its > happenning.? Iam running an evaluation of ISA Server. > > Regards > Ram > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > Leading Network Software Directory: http://www.serverfiles.com No.1 > Exchange Server Resource Site: http://www.msexchange.org Windows > Security Resource Site: http://www.windowsecurity.com/ Network > Security > Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: > http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > cismic@xxxxxxx To unsubscribe send a blank email to > $subst('Email.Unsub') > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > Leading Network Software Directory: http://www.serverfiles.com No.1 > Exchange Server Resource Site: http://www.msexchange.org Windows > Security Resource Site: http://www.windowsecurity.com/ Network > Security Library: http://www.secinf.net/ Windows 2000/NT Fax > Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: ram@xxxxxxxxxxxx > To unsubscribe send a blank email to > $subst('Email.Unsub') > ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: cismic@xxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')