3 Replies Latest reply on Nov 8, 2010 6:10 AM by Valeinrete

    Web Reporter on the MWG 7.X Appliance.

      Hello there..

      I've managed to install WebReporter 5.1.0 on the MWG 7.x appliance itself.

      I've just addedd "bc" using "yum install bc". simple and easy .. after that the webreporter installation work straight away, without any problem.

      The web reporting work quite good and in the next couple of hours (playing with it ) I should be able to obtain live logging from the access.log.

      As far as I see seems that this solution may cross part of the live reporting problem, obviously only if you are using one appliance.

      Do anyone of you knows if doing that I can Invalidate the McAfee official support in case of problems where I need to open one case or things like that ?

       

      Many Thanks.

        • 1. Re: Web Reporter on the MWG 7.X Appliance.
          michael_schneider

          Hello,

           

          Do anyone of you knows if doing that I can Invalidate the McAfee official support in case of problems where I need to open one case or things like that ?

           

          you have done so already . WR is not supported on MLOS nor does MWG support the installtion of WR on the same appliance and will tell you to reimage in case you have performance issues, or at least ask you to remove WR from the appliance.

          Such changes require approval of:

          Support Management

          Engineering Management

          Product Management

          and are normally only given under very seldom circumstances - and I have not yet approved such an installtion nor have the others.

           

          best,

          Michael

          • 2. Re: Web Reporter on the MWG 7.X Appliance.

            Ok Cool,

            This one is only a lab appliance for testing, tuning, playing... I made the question only in case someone would have think about doing the same.. in production env officially supported (Gold support, silver, etc).

            But I'm surprised about this. is impressive, works very well!

            Have you ever tried it ?

            Also I have another question .. do you know if is possible obtain Live monitoring features on MWG 7 ? or witch is the best way to set up the live monitoring and the reporting ?

            Because I've done what I've done only to make the reporting better...trying to have more reactive reporting....

            Any sugg ?

             

             

            Message was edited by: Valeinrete on 08/11/10 06:10:54 CST
            • 3. Re: Web Reporter on the MWG 7.X Appliance.
              michael_schneider

              You could use snmp or syslog....https://community.mcafee.com/community/business/email_web/webgateway/blog/2010/1 1/04/mwg-7-and-enterprise-management-tools

               

              Or create a monitoring page your self, that has reference to som system stats.

               

              Just create a blockpage, that shows some system details. There is a list of counters in the product that are used for the dashboards, but can be called elsewhere:

               

              Name

              Type

              Description

              System

              ApplicationMemoryUsage

              TS (Avg)

              Memory usage in percent from MWG applications

              ConnectedSockets

              TS (Avg)

              Number of currently open sockets of the proxy

              CPUIdle

              TS (Avg)

              Percentage of the CPU in idle state

              CPULoad

              TS (Avg)

              Percentage of the CPU utilization

              CPUSystem

              TS (Avg)

              Percentage of CPU usage not consumed by MWG applications

              CPUUser

              TS (Avg)

              Percentage of CPU usage consumed by MWG applications

              FilesystemUsage

              TS (Avg)

              Percentage of usage of the installation partition of MWG

              HarddiskUsage

              TS (Avg)

              Percentage of usage of the complete hard disk

              MemFree

              TS (Avg)

              Total amount of free memory in bytes

              MemoryUsage

              TS (Avg)

              Memory usage in percent

              MemUsed

              TS (Avg)

              Total amount if used memory in bytes

              NetworkBytesReceived

              TS (Avg)

              Received number of bytes per second

              NetworkBytesSent

              TS (Avg)

              Transmitted number of bytes per second

              StatDBSize

              TS (Avg)

              Size of statistic database in bytes

              SwapFree

              TS (Avg)

              Free Swap Space in bytes

              SwapUsed

              TS (Avg)

              Used Swap Space in bytes

              WebCacheDiskUsage

              TS (Avg)

              Percentage of usages of cache partition

              WebCacheHits

              TS (Total)

              Number of cache hits

              WebCacheMisses

              TS (Total)

              Number of cache misses

              WebCacheObjectsCount

              TS (Avg)

              Number of objects in web cache

              Content

              BlockedByAntiMalware

              TS (Total)

              Number of blocked transactions by Anti-Malware process

              BlockedByURLFilter

              TS (Total)

              Number of blocked transactions by URL filter

              BlockedByMediaFilter

              TS (Total)

              Number of blocked transactions by media filter

              CertExpired

              TS (Total)

              Number of detected expired certificates

              CertNameMismatch

              TS (Total)

              Number of certificates with name mismatch

              CertUnresolvable

              TS (Total)

              Number of unresolvable certificate chains

              CertWildCardMatch

              TS (Total)

              Number of certificates the matched a wildcard in rule

              ConnectionsBlocked

              TS (Total)

              Number of blocked connections

              ConnectionsLegitimate

              TS (Total)

              Number of legitimate connections

              Categories

              TS (Total)

              Number of detected categories

              MalwareDetected

              TS (Total)

              Number of detected malware objects

              MT.Archive

              TS (Total)

              Number of detected archives

              MT.Audio

              TS (Total)

              Number of detected audio files

              MT.Document

              TS (Total)

              Number of detected documents

              MT.Executable

              TS (Total)

              Number of detected executables

              MT.Image

              TS (Total)

              Number of detected images

              MT.Stream

              TS (Total)

              Number of detected streams

              MT.Text

              TS (Total)

              Number of detected text files

              MT.Video

              TS (Total)

              Number of detected videos

              RepHighRisk

              TS (Total)

              Number of pages with reputation: high risk

              RepMediumRisk

              TS (Total)

              Number of pages with reputation: medium risk

              RepMinimalRisk

              TS (Total)

              Number of pages with reputation: minimal risk

              RepUnverified

              TS (Total)

              Number of pages with reputation: unverified

              Traffic

              FtpRequests

              TS (Total)

              Number of FTP requests

              FtpTraffic

              TS (Total)

              FTP traffic in bytes from Proxy to Internet

              FtpBytesFromClient

              Single

              FtpBytesFromServer

              Single

              FtpBytesToClient

              Single

              FtpBytesToServer

              Single

              HttpBlocked

              TS (Total)

              Number of blocked HTTP(S) requests

              HttpLegitimate

              TS (Total)

              Number of legitimate HTTP(S) requests

              HttpRequests

              TS (Total)

              Number of HTTP requests

              HttpTraffic

              TS (Total)

              HTTP traffic in bytes from Proxy to Internet

              HttpBytesFromClient

              Single

              HttpBytesFromServer

              Single

              HttpBytesToClient

              Single

              HttpBytesToServer

              Single

              HttpsRequests

              TS (Total)

              Number of HTTPS requests

              HttpsTraffic

              TS (Total)

              HTTPS traffic in bytes  from Prxy to Internet

              HttpsBytesFromClient

              Single

              HttpsBytesFromServer

              Single

              HttpsBytesToClient

              Single

              HttpsBytesToServer

              Single

              ICAPReqmodTraffic

              TS (Total)

              Number of bytes transfered in ICAP reqmod

              ICAPRespmodTraffic

              TS (Total)

              Number of bytes transfered in ICAP respmod

              ICAPReqmodRequests

              TS (Total)

              Number of requests in ICAP reqmod

              ICAPRespmodRequests

              TS (Total)

              Number of requests in ICAP respmod

               

               

               

              This error page:

              <!--Title-->
              <table class='titleTable' background='$<propertyInstance useMostRecentConfiguration="false" propertyId="com.scur.engine.system.proxy.enduserurl"/>$/files/default/img/bg_navbar.jpg'>
                <tr>
                  <td class='titleData'>
                    Monitoring page
                  </td>
                </tr>
              </table>
              <!--/Title-->
              
              <!--Content-->
              <table class="contentTable">
                <tr>
                  <td class="contentData">
                    Below you can see some monitoring info on MWG:
                  </td>
                </tr>
              </table>
              <!--/Content-->
              
              <!--Info-->
              <table class='infoTable'>
                <tr>
                  <td class='infoData'>
              <!-- Uses MemFree -->
                    <b>Current Free Memory: $<propertyInstance useMostRecentConfiguration="false" configurationId="com.scur.engine.billing.4575" propertyId="com.scur.engine.billing.counter.get">
                <parameters>
                  <entry>
                    <string>com.scur.engine.billing.counter.get.name</string>
                    <parameter valueTyp="3">
                      <value>
                        <stringValue value="MemFree" stringModifier="true" typeId="com.scur.type.string"/>
                      </value>
                    </parameter>
                  </entry>
                </parameters>
              </propertyInstance>$</b>
              <b> Current Idle CPU: $<propertyInstance useMostRecentConfiguration="false" configurationId="com.scur.engine.billing.4575" propertyId="com.scur.engine.billing.counter.get">
                <parameters>
                  <entry>
                    <string>com.scur.engine.billing.counter.get.name</string>
                    <parameter valueTyp="3">
                      <value>
                        <stringValue value="CPUIdle" stringModifier="true" typeId="com.scur.type.string"/>
                      </value>
                    </parameter>
                  </entry>
                </parameters>
              </propertyInstance>$
                    <br />
                    <br />
                  </td>
                </tr>
              </table>
              <!--/Info-->
              
              

              produces:

               

              block.jpg

              Attaching a sample rule set.

               

              best,

              Michael

               

               

              Message was edited by: Michael Schneider on 09/11/2010 09:15:23 CET