ProxyInspector 3.x Standard edition manuals :: Microsoft ISA Server 2004/2006 & TMG 2010

ProxyInspector 3.x Standard edition manuals :: Microsoft ISA Server 2004/2006 & TMG 2010

Microsoft ISA Server 2004/2006 & TMG 2010

Contents  Previous  Next

By default Microsoft ISA Server 2004 & 2006 stores log files into MSDE databases (Microsoft SQL Desktop Engine). ProxyInspector work only with log files since access to the log files is significantly faster than access to SQL databases(nevertheless you can import data from existing MSDE databases using Database | Move data from ISA 2004 & 2006 MSDE databases). ProxyInspector supports both W3C and ISA Native log files formats. Recommended format is W3C.

 

Log files options placement in ISA Management Console 2004 & 2006

 

In order to switch log files format from MSDE to W3C please do the following:

 

Run ISA Management Console
Select Monitoring item on the left pane
Select Logging tab on the center pane
Select Tasks tab on the right pane

 

isa_mmc_2004

 

You will need to change log files format for Firewall and Web proxy. Please choose Configure Firewall Logging and Configure Web Proxy Logging items and perform actions shown below for each.

 

Log file format settings for Firewall and Web Proxy

 

Check on File option. In the dropdown list select W3C extended log file format. Enable logging for this service option should be enabled. If you want to change log files location, press Options button, another dialog will appear where you can change the log files path, Compress log files and Delete log files older than should remain disabled. Select Fields tab and check that all necessary fields are enabled. Please see table below for the list of necessary fields.
 

fw_log_props_2004

 

Necessary fields

 

Firewall log files

 

Log Date

Log Time

Transport (IP Protocol)

Client IP and port

Destination IP and port

Action (action)

Rule (rule)

Result Code (status)

Protocol (application protocol)

Bytes sent

Bytes sent Delta

Bytes recevied

Bytes recevied Delta

Processing Time (connection time)

Client Username (Username)

Client Agent (agent)

Web proxy log files

 

Client IP (c-ip)

Client Username (cs-username)

Client Agent (c-agent)

Log Date (date)

Log Time (time)

Destination Host Name (r-host)

Bytes Recevied (cs-bytes)

Bytes Sent (sc-bytes)

Protocol (cs-protocol)

URL (cs-uri)

MIME Type (cs-mime-type)

Object source (s-object-source)

Result Code (sc-status)

Rule (rule)

Action (action)