User guide

ManualsBrandsMSI ManualsHome building and DecorSupero CSE-M35S

ManageEngine Firewall Analyzer :: User Guide

Zoho Corp.

deleted from the database. Later if logs are received from that device, the device is

added as a new device, and reports are generated. To stop this from happening, you

need to configure the device to stop sending logs to Firewall Analyzer.

Doing a search in Firewall Analyzer UI is easy. Firewall Analyzer offers both a Basic

Search and Advanced Search in all the pages of the product. The search results can be

saved as report profiles and can also be scheduled to run the search and mail the report

profile on an hourly, daily, weekly, monthly or once only basis. But the reports profiles

created via search cannot be edited and will not contain graphical representation

of data, and drill down facility.

Basic Search, enables you to search for the following :

Search for

Description

Hosts

Refers to the IP Address or DNS Names which were recorded in the

firewall logs

example: 192.168.0.1,web-server

Protocol

Identifiers

Refers to the list of protocols and protocol identifiers that are available in

the Protocol Groups page (Settings >> Protocol Groups)

example: 6969/tcp, icmp, IPSec

User Names

Refers to the authenticated user name required by some firewall's

example: john, kate

Attack

Refers to the attack name.

examples: UDP Snort, Ip spoof

Virus

Refers to the Virus name.

examples: JS/Exception, W32/Mitglieder

Advanced Search, offers numerous options for making your searches more precise and

getting more useful results Aggregated Logs Database. It allows you to search from the

Raw Firewall Logs.

In Advance Search, you can search the logs for the selected devices, from the

aggregated logs database or raw firewall logs, and define matching criteria.

Selected Devices

In this section, you can choose the devices for which you want the logs to be searched.

If no device is selected or you want to change the list of selected devices, select the

devices.

1. Click Change Selection link.

2. Select Devices from the list window pops-up. In that window, All Devices with

selection check box and individual devices with selection check boxes options are

available.

3. Select the devices by selecting the check boxes as per your requirement. Click

OK to select the devices and close the window or click Cancel to cancel the

opration and close the window.

The selected devices are displayed in this section.