Document 6509149

Transcription

Document 6509149
 How to Configure Syslog forwarding for URL Browse time reports with Sawmill This document walks through the steps needed for configuring Syslog forwarding for URL browse time reports using Sawmill 8.1.8. Preparation steps: •
•
•
Enable URL profile on web-­‐browsing rule to generate the URL filtering logs. Install and Configure a Syslog server; I used Kiwi to capture the syslog output. Install Sawmill; I used Sawmill 8.1.8 in this walkthrough. Part 1: Configuring Palo Alto to forward URL logs to Syslog server In this part, you will setup the Syslog server, log forwarding profile, and add it to the security rule. 1. Click the Device tab and select “Syslog” under the Server Profiles. PANOS 4.0.0 1 2. Click Add at the bottom of the page and configure the Syslog server.
3. Next you’ll need to configure the Log Forwarding profile under the Objects tab. 4. Name the Log Forwarding profile and select the Syslog server profile for “Informational” logs.
Note: URL logs are categorized as informational severity. PANOS 4.0.0 2 5. Go to Policies and then select Options for the security rule allowing outbound URL filtering. Note: The security policy needs a URL filtering profile attached to generate URL logs. 6. Select the Log Forward Profile and click Ok. You’ll then need to commit the configuration to have the changes take effect. Part 2: Configuring Sawmill for URL browse time reports In this part, you will setup the Sawmill for URL browse time reports. You need to make sure your syslog server is capturing the URL filtering logs. The syslog output location is needed by Sawmill. 1. Select “Create New Profile” once you login to Sawmill. 2. Browse to the location of the Syslog output and select it. You can verify that Sawmill can read the Syslog output by clicking “Show Matching Files”. Once the Syslog output has been verified click Next. PANOS 4.0.0 3 4. Sawmill will detect the log format. Select “Traffic and threat” and “Continue with one of the above detected log formats (recommended).” 5. Then select “Continue with the above detected syslog/logging device pair (recommended).” And click Next. PANOS 4.0.0 4 6. Select the Numerical field options you’d like to report on. URL browse time reports only requires Events, Page views, and Elapsed. 7. Give the new profile a name and click Finish. 8. Once the Profile is created select “Process Data & View Reports. “ PANOS 4.0.0 5 9. To view the URL browse time reports. Select “Source”  “Page by Source user”. PANOS 4.0.0 6 

Similar documents

Meetmuslims.net: Best for Muslim Marriage Free Chat

Meetmuslims.net: Best for Muslim Marriage Free Chat Meetmuslims.net is the best online dating site to date Muslim women for free in the USA. Our dating site is best Muslim marriage free chat resource. Join with us to get your partner! Start Dating! Visit Us: http://meetmuslims.net/

More information

Graham Scallan Leading Business Counselor in Wexford

Graham Scallan Leading Business Counselor in Wexford An effective and experienced business mentor can help to take your business to top of the roof. The Graham Scallan is the best leading business counselor in Wexford. Get advice from him to make your business successful. For More Info : http://www.grahamscallan.com/

More information

Best Eye Doctor & Optometrist for Children Accepting all Insurance

Best Eye Doctor & Optometrist for Children Accepting all Insurance Jackson Vision Clinic is the best eye care clinic in Seattle. At jacksonvisionclinic.com, you will find the best eye doctor & Optometrist for children accepting all Insurance. For More Info : https://www.jacksonvisionclinic.com/

More information