cancel
Showing results for 
Search instead for 
Did you mean: 
celayeta
Level 7

Export configuration to Database

First, apologize for my English , I have not much experience in this language.

The reason for the post is because I find realiando a project in order to be able to monitor device configuration .

The application must alert or inform when changes are made to the same settings . This way you can detect any unauthorized changes made ​​.

So  far I could get the current settings from the directory "/opt/mwg/storage/default/" , but stored in that location configuration is in  XML format and due to the large amount of data and files is very  complicated to process it .

As a second option try toread the file that generated by the script "mwg-coordinator -B file:in=ACTIVE",but the content of the file is unreadable.

If it is possible , can you help me telling me how I can read and  interpret these files or what method do you recommend for making the  action I want to do?

Of course once you are in the project will share it with the community ended .

Thank you very much !

El mensaje fue editado por: celayeta on 22/01/14 14:44:34 CST
0 Kudos
2 Replies
skloepping
Level 9

Re: Export configuration to Database

Hi Celayeta,

if you just need to monitor the changes or want to have an overview what is happening, there is a built in log file for that: it is called the audit.log file (Troubleshooting > Log files > Audit > audit.log

The content of a file looks like this:

Timestamp  : 24/Jan/2014:12:56:48.628 +0100

User       : admin

Action     : USER_LOGIN

Source Type: USER

Source ID  : 10.149.113.36

Appliance  : mwgappl73

Details:

   User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:26.0) Gecko/20100101 Firefox/26.0

   Role    : Super Administrator

________________________________________________________________________________

Timestamp  : 24/Jan/2014:12:57:13.532 +0100

User       : admin

Action     : FILE_DOWNLOAD

Source Type: SYSTEM_FILES

Source ID  : 564DEA57-F2AE-EDC8-5152-11402381852F/LOG/audit/audit.log

Appliance  : mwgappl73

________________________________________________________________________________

Timestamp  : 24/Jan/2014:12:57:25.030 +0100

User       : admin

Action     : MODIFIED_RULE_GROUP

Source Name: SSL Scanner

Source Type: RULE_GROUP<RuleGroup>

Source ID  : 5169

Source Path: Initial-GatewayRules/RuleGroups/SSL Scanner[0]

Appliance  : mwgappl73

Details:

   Old Enabled: true

   New Enabled: false

Here you can see that i have just disabled the SSL Scanner rule set as a test.

Or here an example where i have enabled the URL.Host Whitelist and added *.mcafee.comm to the list:

Timestamp  : 24/Jan/2014:13:01:01.857 +0100

User       : admin

Action     : ADDED_CONTENT

Source Name: Global Whitelist

Source Type: LIST<Wildcard expression>

Source ID  : com.scur.type.regex.4518

Source Path: /Lists/Wildcard expression/

Appliance  : mwgappl73

Details:

   Entry      : *.mcafee.com

   Description:

________________________________________________________________________________

Timestamp  : 24/Jan/2014:13:01:01.862 +0100

User       : admin

Action     : MODIFIED_RULE

Source Name: URL Host Matches in List Global Whitelist

Source Type: RULE

Source ID  : 10809

Source Path: Initial-GatewayRules/RuleGroups/Global Whitelist[1]

Appliance  : mwgappl73

Details:

   Old Enabled: false

   New Enabled: true

Bets Regards

Stefan

0 Kudos
consoul
Level 9

Re: Export configuration to Database

I wanted this as well so I have a three-stage process that logs into each proxy via a bash script and collects the changes to the audit log every five minutes and emails them to me. PM me if you want me to send you a copy of what I use.

0 Kudos