Is there a way to report user-defined counters from MWG7x to ePO 4.6.x without the use of Content Security Reporter (CSR)?
I have 2 separate rules that block based on a particular set of categories, and I would like to be able to capture statistics for when those rules are triggered. I have the connection setup between MWG and ePO, but I only get a generic counter name that tells me that the URL was filtered:
I noticed that in the listing, none of my user-defined counter names appear when trying to create a query based on Counter Name:
I feel like I may be missing something simple. Any help would be greatly appreciated!
Message was edited by: waynediesel on 4/2/13 11:38:41 AM CDT
This does not answer your question as such, but from what I have found the user-defind counters are not that well supported at the moment.
I, too, have used them to monitor a number of different parts of my policy. The only way I have found to graph them so far is a bit of a hack job. What I have done is make a block page that has the various counters I want to monitor. this is then triggered by a specific rule for my monitoring server's IP. I then have a shell script that goes to my blocked page, and pulls that data out and puts in to RRD, and I then graph that data from there. I can share the scripts if you are interested in how I've done this?
Example of what the graphs look like, the solid blue is our whitelist against the left axis, the light blue line is our black lists against our right axis and the red line is the 95th percentile.
Message was edited by: trishoar on 03/04/13 05:51:20 CDT
CSR is the only product that uses ePO and reads MWG access logs, and as you may have noticed, you can save up to 4 user-defined columns, but CSR can only treat them as text values. As such, you cannot perform numerical functions such as graph, sum, average, etc. on those values. Sorry.