Firewall Analyzer supports Microsoft Internet Security and Acceleration (ISA) Server 2000,2004, & 2006.
Note: |
Supported ISA Log Formats in Firewall Analyzer: |
For more information, refer the Microsoft ISA Server documentation.
Once you have configured the ISA Server, then in Firewall Analyzer you can Import this log file.
Note: | We recommend Local Import Schedule option over Remote Host FTP Import option. |
Firewall Analyzer handles Dynamic Filename change of ISA Server log files.
Note: | Micosoft ISA Proxy server creates log file with new name (with time stamp appended) everyday. If the Micosoft ISA Proxy log files are to be imported, you do not have to change the filename daily, instead select the Change filename dynamically option while importing the logs. Selecting the option displays the the Filename pattern: text box to enter the time stamp pattern that the Proxy server appends when the Proxy server creates the log file daily. A help tip icon displays, (when you hover the mouse on the icon) the mapping of the Timestamp in Filename to the Pattern to be given. Enter the pattern as required. |
By default Microsoft ISA Server 2004 & 2006 stores log files into MSDE databases (Microsoft SQL Desktop Engine).
Log files options placement in ISA Management Console 2004 & 2006
In order to switch log files format from MSDE to W3C please do the following:
You will need to change log files format for Firewall and Web proxy. Please choose Configure Firewall Logging and Configure Web Proxy Logging items and perform actions shown below for each.
Log file format settings for Firewall and Web Proxy
Check on File option. In the dropdown list select W3C extended log file format. Enable logging for this service option should be enabled. If you want to change log files location, press Options button, another dialog will appear where you can change the log files path, Compress log files and Delete log files older than should remain disabled. Select Fields tab and check that all necessary fields are enabled. Please see table below for the list of necessary fields.
Necessary Fields
Firewall log files | Web proxy log files |
|
|
ProxyInspector work only with log files since access to the log files is significantly faster than access to SQL databases(nevertheless you can import data from existing MSDE databases using Database | Move data from ISA 2004 & 2006 MSDE databases). ProxyInspector supports both W3C and ISA Native log files formats. Recommended format is W3C.
Refer the Microsoft ISA server log analyzer page to find out how Firewall Analyzer fits best as a ISA log analyzer software.