Jump to content
vs2018sv

Log all web control events

Recommended Posts

Hello,

 

Is anyone aware of a way I can set my ESET Cloud endpoints to log all web control events.

I am looking for a way to log all web events on my remote machines.

 

Thank you

Share this post


Link to post
Share on other sites
3 minutes ago, vs2018sv said:

Hello,

 

Is anyone aware of a way I can set my ESET Cloud endpoints to log all web control events.

I am looking for a way to log all web events on my remote machines.

 

Thank you

It will log to you what files has been scanned in these websites whether it's clean or not,

I believe what you want is a log of what the endpoints are entering into.

Share this post


Link to post
Share on other sites

I followed the steps in the link above, but I am not getting any logging.

What I am trying to do is log every site visited on a endpoint rather is is allowed or blocked. I want 100% of the browser traffic logged.

I do get logging for blocked sites, but not for allowed.

 

Snip of the rule I made and applied to the top of the rules list.

Untitled.png.cff49087dac6d13df8b7818e2a41ef28.png

Share this post


Link to post
Share on other sites

The logging severity must be changed to Warning if you want Web Control records to be transmitted to ESMC. However, the higher number of visited urls be reported to ESMC, the more likely the ESMC server will stop responding due to being inundated with tons of Web Control data.

Share this post


Link to post
Share on other sites

I changed the logging to warning and I am still not getting any logs on my endpoint telling me the sites I was visiting.

I only see blocks still.

 

It sounds like what I am trying to do... log all web traffic - is not supported can can cause issues with our ESET Cloud server.

 

Can I put in a feature request?

Searching this topic, I see several other's with very similar requests.

 

Thanks

Share this post


Link to post
Share on other sites
Posted (edited)

Also monitoring and analysis of employee Internet use really requires specialized software. This article references a few: https://www.information-age.com/monitor-users-internet-activity-123468034/

Another approach is to restrict employee web site access such as blocking access to pornographic web sites and the like.

Edited by itman

Share this post


Link to post
Share on other sites

Works for me:

image.png

However, I'd like to stress again that opening a single website may generate dozens of records so reporting all urls from all machines can cause a big burden on the ESMC server and database and may render them unresponsive.

Share this post


Link to post
Share on other sites

Marcos,

 

Looks like I was able to get ESET to log all by going into web access protection > URL Address management > List of allowed Addresses and adding a new rule with * for the website.

Visiting cnn.com generates over 200 "Filtered Websites" logs (They do not appear under web control logs).

 

Do you know if it is possible to clear just the filtered website logs daily?

 

Thanks

Share this post


Link to post
Share on other sites

It's not possible. I would not recommend using URL management to allow all addresses via * but instead create a Web Control group with all categories selected and "warning" logging severity set. Then create a custom report in ESMC using desired data from the Web Control category:

image.png

Share this post


Link to post
Share on other sites

Got it! Thank you!

 

So the fact that this will eventually slow down the server and we have no way to clear the logs at a specific time frame on the server seems like a problem.

 

Can I put in a feature request asking that ESET get this feature added to the software?

 

Thank you

Share this post


Link to post
Share on other sites

You can clear logs on a daily basis but that's not recommended:

image.png

Even if you were able to delete Web Control logs on clients on a daily basis , it would not mitigate the load on ESMC. Moreover, the enormous number of records generated on clients would make it impossible to get some useful data.

However, I would encourage you to report any potentially good idea you may have to your local ESET partner who can then report it further to ESET and thus influence decisions about future improvements.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...