4 Replies Latest reply: Jan 23, 2013 3:18 PM by Jon Scholten RSS

    integrate web reporter to directory to get username for IPS

    Ahmed Eissa

      MY webgateway is using IP Mapping , in secure web reporter the  genterated reportes are generated per IP address.

      iam asking is there any way to integrate a manunal internal directory to show these ips with its username ??

      and i mean with username that usernames which is manually configured

      as "172.16.16.16" will be shown as "Ahmed Eissa"

      aaaaaaaaaaaaUntitled.png

      bbbbbbbbbUntitled.png

      can i replace this ip with a username defined to me , unfortunately my orgnization Active directory is not based on ip address , it is based on username

       

      Plllllz help me

       

      Message was edited by: ahmed.eissa on 2013/01/22 10:06:18 AM
        • 1. Re: integrate web reporter to directory to get username for IPS
          Jon Scholten

          Hi Ahmed,

           

          I'm not sure I understand you correctly, but I'll try to explain.

           

          In order to get reports based on username's you need to enable authentication in Web Gateway. Please send in a screenshot of the full "web mapping" tab, as well as Proxies > HTTP(S) Proxy > Authentication tab. This will show me if you have authentication enabled. I'm guessing you do not.

           

          Web Gateway's "web mapping" are intended to assign URL Filtering policies based on IP/user/group.

           

          Best,

          Jon

          • 2. Re: integrate web reporter to directory to get username for IPS
            sroering

            Since you are using Web Gateway 6, the log header configuration controls the log records.  So this means that your client ip will be under the "client_ip" header.  Web Reporter is expecting the username under the "auth_user" header.  You could create a shell script to modify the header before sending them to Web Reporter, but I see 2 more problems:

             

            1) Web Reporter would still save the IP address as the user name, then using the internal directory it could add the real user name for "display name".  So you cannot actually get the username correct using this method. Maybe a small point.

             

            2)The second problem with modifying the header is that i'm pretty sure that Web Reporter requires client_ip. The log parsing job would probably fail without it.

             

            But Web Reporter already has an option to deal with unauthenticated traffic.  I think that your best option is to stand up a DNS service on the Web Reporter box that maps the ip address to user names.  Then on your log source, enable the "use host names" option.

            • 3. Re: integrate web reporter to directory to get username for IPS
              Ahmed Eissa

              Jon Scholten

               

              Hi Ahmed,

               

              I'm not sure I understand you correctly, but I'll try to explain.

               

              In order to get reports based on username's you need to enable authentication in Web Gateway. Please send in a screenshot of the full "web mapping" tab, as well as Proxies > HTTP(S) Proxy > Authentication tab. This will show me if you have authentication enabled. I'm guessing you do not.

               

              Web Gateway's "web mapping" are intended to assign URL Filtering policies based on IP/user/group.

               

              Best,

              Jon

              Dear Jon

              unfortuantely our web gateway don`t use username authentication ,it only based on ip mapping

              i`m lloking for to edit in web reporter to replace map ip address with a user name edited manually by me

              • 4. Re: integrate web reporter to directory to get username for IPS
                Jon Scholten

                Hi Ahmed,

                 

                You cannot edit Web Reporter's database to do what you describe, a lot of things would break if you tried.

                 

                Is there a reason you do not enable authentication on Web Gateway? This way Web Gateway would log who the user is and save you all this trouble.

                 

                Best,

                Jon