Sign in
 
HomeProductsLibraryLearnDownloadsSupportForums
Microsoft Forefront TechCenter >
Searching ISA log for certain info that the user was surfing the net

Answered Searching ISA log for certain info that the user was surfing the net

  • Friday, November 30, 2012 7:05 PM
     
     
    Sign In to Vote
    0

    Hello,

    We are using ISA2006 as a firewall. Our company policy it not allowing anyuse to download cracked application.

    So, I am assuming that ISA server is saving all the things that users do on the web, so how can I check the ISA logs to find out which user is trying to download the cracked appliction.

     

    Many thanks

     

All Replies

  • Friday, November 30, 2012 8:42 PM
     
     
    Sign In to Vote
    0

    Hi,

    you can use the ISA Server realtime logging to see network traffic on the ISA Server but it will be hard to find users which downloaded cracked application. How do you know that the download contains a cracked application?

    regards Marc Grote aka Jens Baier - www.it-training-grote.de - www.forefront-tmg.de - www.nt-faq.de

     
  • Saturday, December 01, 2012 1:38 AM
     
     
    Sign In to Vote
    0

    Netfee for ISA/TMG. You can set warn rule to show all of .exe file downloaded.

    Http://www.netfeesoftware.com

     
  • Sunday, December 02, 2012 7:53 PM
     
     
    Sign In to Vote
    0

    You can configure your ISA server to store its logs in a central SQL database: http://support.microsoft.com/kb/838710

    Once done, you can develop and create your own queries to get all the needed information.

    Note also that there is third party tools which may be helpful.

    This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

    • Proposed As Answer by matt.leece Sunday, December 02, 2012 10:24 PM
    • Unproposed As Answer by matt.leece Sunday, December 02, 2012 10:55 PM
    •  
     
  • Sunday, December 02, 2012 8:03 PM
     
     
    Sign In to Vote
    0

    Hi Mr X,

    I do not want to use third party tools, I checked the link you provided, however what information will be saved in the d DB?

    Do the username and the information he browsed the net will be saved in this DB?

    Many thanks Mr X

     
  • Monday, December 03, 2012 5:30 AM
    Moderator
     
     Answered
    Sign In to Vote
    0

    Hi,

    Thank you for the post.

    You may create your own queries for SQL to get you want. here is no specific documentation on TMG to do that since it is a more a SQL type of procedure. Here are the fields that are logged on the SQL database:

    Web Proxy Log fields: http://technet.microsoft.com/en-us/library/cc441708.aspx

    Firewall Log Fields: http://technet.microsoft.com/en-us/library/cc441692.aspx

    Regards,

    Nick Gu - MSFT