Jump to content

Log all web control events


Recommended Posts

Hello,

 

Is anyone aware of a way I can set my ESET Cloud endpoints to log all web control events.

I am looking for a way to log all web events on my remote machines.

 

Thank you

Link to post
Share on other sites
  • Most Valued Members
3 minutes ago, vs2018sv said:

Hello,

 

Is anyone aware of a way I can set my ESET Cloud endpoints to log all web control events.

I am looking for a way to log all web events on my remote machines.

 

Thank you

It will log to you what files has been scanned in these websites whether it's clean or not,

I believe what you want is a log of what the endpoints are entering into.

Link to post
Share on other sites

I followed the steps in the link above, but I am not getting any logging.

What I am trying to do is log every site visited on a endpoint rather is is allowed or blocked. I want 100% of the browser traffic logged.

I do get logging for blocked sites, but not for allowed.

 

Snip of the rule I made and applied to the top of the rules list.

Untitled.png.cff49087dac6d13df8b7818e2a41ef28.png

Link to post
Share on other sites
  • Administrators

The logging severity must be changed to Warning if you want Web Control records to be transmitted to ESMC. However, the higher number of visited urls be reported to ESMC, the more likely the ESMC server will stop responding due to being inundated with tons of Web Control data.

Link to post
Share on other sites

I changed the logging to warning and I am still not getting any logs on my endpoint telling me the sites I was visiting.

I only see blocks still.

 

It sounds like what I am trying to do... log all web traffic - is not supported can can cause issues with our ESET Cloud server.

 

Can I put in a feature request?

Searching this topic, I see several other's with very similar requests.

 

Thanks

Link to post
Share on other sites

Also monitoring and analysis of employee Internet use really requires specialized software. This article references a few: https://www.information-age.com/monitor-users-internet-activity-123468034/

Another approach is to restrict employee web site access such as blocking access to pornographic web sites and the like.

Edited by itman
Link to post
Share on other sites
  • Administrators

Works for me:

image.png

However, I'd like to stress again that opening a single website may generate dozens of records so reporting all urls from all machines can cause a big burden on the ESMC server and database and may render them unresponsive.

Link to post
Share on other sites

Marcos,

 

Looks like I was able to get ESET to log all by going into web access protection > URL Address management > List of allowed Addresses and adding a new rule with * for the website.

Visiting cnn.com generates over 200 "Filtered Websites" logs (They do not appear under web control logs).

 

Do you know if it is possible to clear just the filtered website logs daily?

 

Thanks

Link to post
Share on other sites
  • Administrators

It's not possible. I would not recommend using URL management to allow all addresses via * but instead create a Web Control group with all categories selected and "warning" logging severity set. Then create a custom report in ESMC using desired data from the Web Control category:

image.png

Link to post
Share on other sites

Got it! Thank you!

 

So the fact that this will eventually slow down the server and we have no way to clear the logs at a specific time frame on the server seems like a problem.

 

Can I put in a feature request asking that ESET get this feature added to the software?

 

Thank you

Link to post
Share on other sites
  • Administrators

You can clear logs on a daily basis but that's not recommended:

image.png

Even if you were able to delete Web Control logs on clients on a daily basis , it would not mitigate the load on ESMC. Moreover, the enormous number of records generated on clients would make it impossible to get some useful data.

However, I would encourage you to report any potentially good idea you may have to your local ESET partner who can then report it further to ESET and thus influence decisions about future improvements.

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...