Showing results for 
Search instead for 
Did you mean: 

Export configuration to Database

First, apologize for my English , I have not much experience in this language.

The reason for the post is because I find realiando a project in order to be able to monitor device configuration .

The application must alert or inform when changes are made to the same settings . This way you can detect any unauthorized changes made ​​.

So  far I could get the current settings from the directory "/opt/mwg/storage/default/" , but stored in that location configuration is in  XML format and due to the large amount of data and files is very  complicated to process it .

As a second option try toread the file that generated by the script "mwg-coordinator -B file:in=ACTIVE",but the content of the file is unreadable.

If it is possible , can you help me telling me how I can read and  interpret these files or what method do you recommend for making the  action I want to do?

Of course once you are in the project will share it with the community ended .

Thank you very much !

El mensaje fue editado por: celayeta on 22/01/14 14:44:34 CST
2 Replies

Re: Export configuration to Database

Hi Celayeta,

if you just need to monitor the changes or want to have an overview what is happening, there is a built in log file for that: it is called the audit.log file (Troubleshooting > Log files > Audit > audit.log

The content of a file looks like this:

Timestamp  : 24/Jan/2014:12:56:48.628 +0100

User       : admin

Action     : USER_LOGIN

Source Type: USER

Source ID  :

Appliance  : mwgappl73


   User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:26.0) Gecko/20100101 Firefox/26.0

   Role    : Super Administrator


Timestamp  : 24/Jan/2014:12:57:13.532 +0100

User       : admin

Action     : FILE_DOWNLOAD


Source ID  : 564DEA57-F2AE-EDC8-5152-11402381852F/LOG/audit/audit.log

Appliance  : mwgappl73


Timestamp  : 24/Jan/2014:12:57:25.030 +0100

User       : admin


Source Name: SSL Scanner

Source Type: RULE_GROUP<RuleGroup>

Source ID  : 5169

Source Path: Initial-GatewayRules/RuleGroups/SSL Scanner[0]

Appliance  : mwgappl73


   Old Enabled: true

   New Enabled: false

Here you can see that i have just disabled the SSL Scanner rule set as a test.

Or here an example where i have enabled the URL.Host Whitelist and added *.mcafee.comm to the list:

Timestamp  : 24/Jan/2014:13:01:01.857 +0100

User       : admin

Action     : ADDED_CONTENT

Source Name: Global Whitelist

Source Type: LIST<Wildcard expression>

Source ID  : com.scur.type.regex.4518

Source Path: /Lists/Wildcard expression/

Appliance  : mwgappl73


   Entry      : *



Timestamp  : 24/Jan/2014:13:01:01.862 +0100

User       : admin

Action     : MODIFIED_RULE

Source Name: URL Host Matches in List Global Whitelist

Source Type: RULE

Source ID  : 10809

Source Path: Initial-GatewayRules/RuleGroups/Global Whitelist[1]

Appliance  : mwgappl73


   Old Enabled: false

   New Enabled: true

Bets Regards


Re: Export configuration to Database

I wanted this as well so I have a three-stage process that logs into each proxy via a bash script and collects the changes to the audit log every five minutes and emails them to me. PM me if you want me to send you a copy of what I use.

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community