Google Answers: HOW TO analyse MS ISA Server logs for incoming traffic behind an ISA Server

View Question

Q: HOW TO analyse MS ISA Server logs for incoming traffic behind an ISA Server ( No Answer, 0 Comments )

Question

Subject: HOW TO analyse MS ISA Server logs for incoming traffic behind an ISA Server
Category: Computers > Internet
Asked by: steve_berlin-ga
List Price: $30.00

Posted: 02 Dec 2004 09:48 PST
Expires: 09 Dec 2004 09:11 PST
Question ID: 437132

I am using the following Logfile sample:
#Software: Microsoft(R) Internet Security and Acceleration Server 2000
#Version: 1.0
#Date: 2004-10-06 00:04:13
#Fields: c-ip	cs-username	c-agent	date	time	s-computername	cs-referred	r-host	r-ip	r-port	time-taken	cs-bytes	sc-bytes	cs-protocol	s-operation	cs-uri	s-object-source	sc-status
70.25.207.226	anonymous	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
5.2; V-TV Browser7.0.0.0 (Build 700); .NET CLR
1.1.4322)	2004-10-06	00:04:13	DEBZIRP01	-	www.mydomain.de	192.168.1.8	80	32	555	1135	http	GET	http://www.mydomain.de/library/periodicals/7956.htm	Inet	200
70.25.207.226	anonymous	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
5.2; V-TV Browser7.0.0.0 (Build 700); .NET CLR
1.1.4322)	2004-10-06	00:04:13	DEBZIRP01	-	www.mydomain.de	192.168.1.8	80	156	448	15452	http	GET	http://www.mydomain.de/library/periodicals/pdf/basel_briefing_3.pdf	Inet	64
70.25.207.226	anonymous	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
5.2; V-TV Browser7.0.0.0 (Build 700); .NET CLR
1.1.4322)	2004-10-06	00:04:16	DEBZIRP01	-	www.mydomain.de	192.168.1.8	80	2515	372	293191	http	GET	http://www.mydomain.de/library/periodicals/pdf/basel_briefing_3.pdf	Inet	206
70.25.207.226	anonymous	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
5.2; V-TV Browser7.0.0.0 (Build 700); .NET CLR
1.1.4322)	2004-10-06	00:04:22	DEBZIRP01	-	www.mydomain.de	192.168.1.8	80	-	485	212	http	GET	http://www.mydomain.de/library/periodicals/pdf/basel_briefing_3.pdf	Inet	304
70.25.207.226	anonymous	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
5.2; V-TV Browser7.0.0.0 (Build 700); .NET CLR
1.1.4322)	2004-10-06	00:04:22	DEBZIRP01	-	www.mydomain.de	192.168.1.8	80	-	303	212	http	GET	http://www.mydomain.de/library/periodicals/pdf/basel_briefing_3.pdf	Inet	304
70.25.207.226	anonymous	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
5.2; V-TV Browser7.0.0.0 (Build 700); .NET CLR
1.1.4322)	2004-10-06	00:04:24	DEBZIRP01	-	www.mydomain.de	192.168.1.8	80	15	485	212	http	GET	http://www.mydomain.de/library/periodicals/pdf/basel_briefing_3.pdf	Inet	304
70.25.207.226	anonymous	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
5.2; V-TV Browser7.0.0.0 (Build 700); .NET CLR
1.1.4322)	2004-10-06	00:04:24	DEBZIRP01	-	www.mydomain.de	192.168.1.8	80	-	303	212	http	GET	http://www.mydomain.de/library/periodicals/pdf/basel_briefing_3.pdf	Inet	304
70.25.207.226	anonymous	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
5.2; V-TV Browser7.0.0.0 (Build 700); .NET CLR
1.1.4322)	2004-10-06	00:04:25	DEBZIRP01	-	www.mydomain.de	192.168.1.8	80	-	485	212	http	GET	http://www.mydomain.de/library/periodicals/pdf/basel_briefing_3.pdf	Inet	304
70.25.207.226	anonymous	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
5.2; V-TV Browser7.0.0.0 (Build 700); .NET CLR
1.1.4322)	2004-10-06	00:04:25	DEBZIRP01	-	www.mydomain.de	192.168.1.8	80	-	303	212	http	GET	http://www.mydomain.de/library/periodicals/pdf/basel_briefing_3.pdf	Inet	304
70.25.207.226	anonymous	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
5.2; V-TV Browser7.0.0.0 (Build 700); .NET CLR
1.1.4322)	2004-10-06	00:04:26	DEBZIRP01	-	www.mydomain.de	192.168.1.8	80	-	485	212	http	GET	http://www.mydomain.de/library/periodicals/pdf/basel_briefing_3.pdf	Inet	304
70.25.207.226	anonymous	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
5.2; V-TV Browser7.0.0.0 (Build 700); .NET CLR
1.1.4322)	2004-10-06	00:04:26	DEBZIRP01	-	www.mydomain.de	192.168.1.8	80	15	303	212	http	GET	http://www.mydomain.de/library/periodicals/pdf/basel_briefing_3.pdf	Inet	304
70.25.207.226	anonymous	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
5.2; V-TV Browser7.0.0.0 (Build 700); .NET CLR
1.1.4322)	2004-10-06	00:04:27	DEBZIRP01	-	www.mydomain.de	192.168.1.8	80	-	485	212	http	GET	http://www.mydomain.de/library/periodicals/pdf/basel_briefing_3.pdf	Inet	304
70.25.207.226	anonymous	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
5.2; V-TV Browser7.0.0.0 (Build 700); .NET CLR
1.1.4322)	2004-10-06	00:04:27	DEBZIRP01	-	www.mydomain.de	192.168.1.8	80	-	303	212	http	GET	http://www.mydomain.de/library/periodicals/pdf/basel_briefing_3.pdf	Inet	304
70.25.207.226	anonymous	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
5.2; V-TV Browser7.0.0.0 (Build 700); .NET CLR
1.1.4322)	2004-10-06	00:04:27	DEBZIRP01	-	www.mydomain.de	192.168.1.8	80	16	485	212	http	GET	http://www.mydomain.de/library/periodicals/pdf/basel_briefing_3.pdf	Inet	304
199.206.254.69	anonymous	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
5.0; .NET CLR 1.1.4322)	2004-10-06	00:06:01	DEBZIRP01	-	www.mydomain.de	192.168.1.8	80	16	465	281	http	GET	http://www.mydomain.de/	Inet	304
199.206.254.69	anonymous	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
5.0; .NET CLR 1.1.4322)	2004-10-06	00:06:02	DEBZIRP01	-	www.mydomain.de	192.168.1.8	80	15	354	231	http	GET	http://www.mydomain.de/lib/global_screen.css	Inet	304
199.206.254.69	anonymous	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
5.0; .NET CLR 1.1.4322)	2004-10-06	00:06:02	DEBZIRP01	-	www.mydomain.de	192.168.1.8	80	15	353	231	http	GET	http://www.mydomain.de/lib/global_print.css	Inet	304
199.206.254.69	anonymous	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
5.0; .NET CLR 1.1.4322)	2004-10-06	00:06:02	DEBZIRP01	-	www.mydomain.de	192.168.1.8	80	-	346	231	http	GET	http://www.mydomain.de/lib/global.js	Inet	304
199.206.254.69	anonymous	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
5.0; .NET CLR 1.1.4322)	2004-10-06	00:06:03	DEBZIRP01	-	www.mydomain.de	192.168.1.8	80	-	350	232	http	GET	http://www.mydomain.de/images/spacer.gif	Inet	304
199.206.254.69	anonymous	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
5.0; .NET CLR 1.1.4322)	2004-10-06	00:06:03	DEBZIRP01	-	www.mydomain.de	192.168.1.8	80	-	362	231	http	GET	http://www.mydomain.de/images/topbar_mydomainde_kids.jpg	Inet	304
[...]

I am Looking for a desktop software to analyse the traffic, for
instance a tool that is generating html-reports. i need the
configuration for the logfile analyse!
thanx a lot!

Answer

There is no answer at this time.

Comments

There are no comments at this time.

Important Disclaimer: Answers and comments provided on Google Answers are general information, and are not intended to substitute for informed professional medical, psychiatric, psychological, tax, legal, investment, accounting, or other professional advice. Google does not endorse, and expressly disclaims liability for any product, manufacturer, distributor, service or service provider mentioned or any opinion expressed in answers or comments. Please read carefully the Google Answers Terms of Service.

If you feel that you have found inappropriate content, please let us know by emailing us at answers-support@google.com with the question ID listed above. Thank you.

Search Google Answers for

Google Home - Answers FAQ - Terms of Service - Privacy Policy