Firewall Log Search and Search Reports

    Firewall Analyzer provides advanced search feature. This feature offers numerous options to make your searches more precise and to get more useful results. It allows you to search from the raw firewall logs stored in the indexes, archives and processed firewall logs stored in the database.

    In this feature you have the provision to save the search results as Report Profiles. This provides a simplified means to create very precise, selectively filtered and narrowed down report profiles. You don't have to waste time with repeated seraches for the same criteria.

    Search

    You can search the logs for the selected devices with defined matching criteria, from the logs database and raw logs.

    1. Aggregated Search
    2. Raw Search

    Add Search

    • Enter a Profile Name.
    • Select the required reports by selecting the individual reports. These will form the criteria for the Report Profile.
    • Schedule the report, if required by selecting Schedule > Enable radio button.
    • Choose the format of report to be Emailed using Report Type: PDF or CSV radio buttons.
    • In the Mail To option, enter the mail ID(s) of users to whom the reports should be emailed. The scheduled report will be generated and emailed as PDF to the mail ID(s) that is provided. You can use comma "," separator for multiple mail IDs.
    • Enter the subjrct line of the mail in Subject field. You can also add the attributes, Report Name, Devices, Generated Time, Criteria to the subject line given below the field with check boxes.
    • In the Specify Time option, schedule this report to be automatically generated at specific time intervals. Choose from Hourly, Daily, Weekly, or Monthly schedules, or choose to run this report Once.
      • For Hourly schedules, you can set Generate report on _ Hours _ Minutes and Generate report for Previous Hour/Last 60 Minutes.
      • For Daily schedules, you can set Execute at _ Hours _ Minutes and Generate report for Previous Day/Last 24 Hours, and you can set the Time Filter for Custom Hours, Only Working Hours, or Only NonWorking Hours.You can select Run on Week Days option and the reports are run daily except on the weekends.
      • For Weekly schedules, you can set Generate report on Sunday/Monday/Tuesday/Wednesday/Thursday/Friday/Saturday _ Hours _ Minutes and Generate report for Previous Week/Last 7 days and select the option Generate Report only for Week Days if you want to report on the events that occurred only on the week days and not report on events that occurred over the weekends.
      • For the Monthly schedules, you can set Generate report on 1/2/3/4/5/6/7/8/9/10/11/12  _ Hours _ Minutes and Generate report for Previous Month/Last 30 days and select the option Generate Report only for Week Days if you want to report on the events that occurred only on the week days and not report on events that occurred over the weekends.
    Warning: You need to configure the mail server settings in Firewall Analyzer before setting up an email notification.
    •  Click Save button. A new report profile is added.

    Save will open Add Search screen to save the search result as report profile.

    • Enter a Profile Name.
    • Select the required columns of the formatted logs report of the search result.
    • Schedule the report, if required by selecting Schedule > Enable radio button. Follow the procedure to schdule the report.
    •  Click Save button. A new report profile is added.

    Using Search to create Report Profile

     To generate remote VPN users reports:

    • Click Search sub tab and select Raw Search
    • Select appropriate firewall devices
    • Select Raw Firewall Logs from the drop down list.
    • Select Raw VPN Logs in the Raw Firewall Logs group.
    • In the Criteria section, select Match all of the following or Match any of the following to match all the criteria set or any of the criteria set and add or remove additional criteria using Add Criteria and Remove Criteria links and select User is 'your network VPN user'.
    • Click Generate. Search results provide the Reports related to your search <for time period from begining of the day to current time>.
    • To save the search result as report profile, click Save link.
    • Enter a Profile Name.
    • Select the required reports by selecting the individual reports. These will form the criteria for the Report Profile.
    • Schedule the report, if required by selecting Schedule > Enable radio button. Follow the procedure to schdule the report.
    • Click Save button. A new report profile is added.