Proxy Server Reports
The Proxy Reports section in Firewall Analyzer includes
reports that are based on proxy cache logs. This section can be accessed
from the left navigation pane
or the Reports tab.
Squid is a widely used proxy cache for Linux and UNIX platforms. Squid is usually
used together with a firewall to secure internal networks from the outside using
a proxy cache.
In the latest release, Firewall Analyzer can receive the Syslogs live from the Proxy server (Squid). Now, it will parse and generate report. You can send Proxy server (Squid) logs using Linux Syslog daemon. To configure syslog service on Linux, refer the procedure given below.
It is now optional to configure Firewall
Analyzer to import the
Proxy server (Squid) logs at specific intervals.
The following reports are generated based on proxy cache logs:
Apart from these reports, Live Reports are available for proxy servers also. The Live
Report for each proxy server shows the traffic load across the server,
over different time periods.
Configuring the Syslog Service on a Linux/ UNIX Host
- Login as root user and edit the syslog.conf file
in the /etc directory.
- Append
*.*<space/tab>@<server_name> at the end, where <server_name> is the name of the machine on which FIrewall Analyzer is running.
- Save the configuration and exit the editor.
- Edit the services file in the /etc directory.
- Change the syslog service port number to 514, which
is one of the default listener ports of Firewall
Analyzer.
- Save the file and exit the editor.
- Restart the syslog service on the host using the command:
/etc/rc.d/init.d/syslog restart
|
For configuring syslog-ng daemon in a Linux host, append the following entries
destination firewallanalyzer { udp("<server_name>"
port(514)); };
log { source(src); destination(firewallanalyzer); };
at the end of /etc/syslog-ng/syslog-ng.conf,
where <server_name> is the ip address of the machine on which Firewall Analyzer is
running. |
|