haanguloo 0 Posted July 31, 2014 Share Posted July 31, 2014 Hi there, Thanks for looking at this topic. I've been going through the official documentation of ERAC, but I couldn't find any answer to my question. Well, as a company, we would like to monitor and obtain a report about the websites that our users are visiting, however there is no solution for this. Is it possible to obtain a report about the visited websites per machine or per ESET client? And, is it possible to configure it on the dashboard of the ERAC? Thanks in advance for your reply. Link to comment Share on other sites More sharing options...
Arakasi 549 Posted July 31, 2014 Share Posted July 31, 2014 Hello, ERAC logs the following information when using Web control : Logs and reporting Time Account Group URL Matching URL Category Action performed Keep in mind, web control only works when your clients have ESET Endpoint Security installed. Not Endpoint antivirus. In addition, it appears that only information regarding blocked sites that you have created rules for will be submitted and recorded by ERAC. Websites that are not listed under a category or rule will not show up. (Normal web traffic). See attached picture. Link to comment Share on other sites More sharing options...
dgtlsparks 0 Posted November 25, 2014 Share Posted November 25, 2014 Not sure if you found your answer or not, but i thought I'd throw my 2 cents in. You can monitor all web traffic by creating a rule for each category and add which logging level (severity column) should be attached to those rule actions. You'll need to scroll the window to the right to see the log level selection or increase the window size. I've attached an image of what I use - Web Rules Editor.png. This way, all web browsing done by a user is logged, with blocked sites showing as a Warning and allowed sites as Informational. Now, from the ERA, set the Web Control Log to collect logs at Level 3 or Normal log entries and above. I've attached an image of that as well - Web Log Level.png. This will display all web traffic passing through each client and the category rule that affected that traffic. BE WARNED!!!! This will create a HUGE load on your database and will slow the ERA down if you try browsing for a large number of events. What I recommend is filtering at the ERAC level for warnings only so you can see blocked content without bogging the console itself down, but the data is there if you need a report. With this configuration, I was able to replace a Websense Content Proxy for a 250 client organization and save the company a bundle. Link to comment Share on other sites More sharing options...
Recommended Posts