You need to tell us what the customer needs this info
for or how they want to use it (e.g. how many times a
user connects, or how long they were on the
system - both of which the firewall log is useless for
BTW.)
The log will be somewhat misleading, depending on
what your looking for. I could access a system once
for the whole day or I could make many connects
throughout the day and the firewall log will show many
occurances - not distinguishing between them.
If they just want to know if someone is accessing
a system, then well that depends too. Are you using
authentication or just tracking workstations? Both?
What if Johnny uses Janes system to access this
other box?
There are reporting tools from CP and WebTrends.
Robert
(p.s.I can't add anymore to this post, because I'm
trying to hold the lid on this box owned by Pandora :)
- -
Robert P. MacDonald, Network Engineer
e-Business Infrastructure
G o r d o n F o o d S e r v i c e
Voice: +1.616.261.7987 email: [EMAIL PROTECTED]
>>> "Cosgriff, Joe" <[EMAIL PROTECTED]> 8/31/00 8:36:49 AM >>>
>
>I have been asked to present a report on the "who" when accessing a certain
>machine.
>
>example: Customer wants to see a report on any and everyone trying to
>access a single machine.
>all IP's going to x.x.x.x (a specific machine).
>
>I understand how to look at the log and query on the IP's but is there an
>easy way to push this out to a report. I exported everything to a text file
>but it is some what extensive. There are, of course, many dups. Any help
>would be greatly appreciated.
>
>Joseph L. Cosgriff
>[EMAIL PROTECTED]
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
