Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 1 subscriber
  • Views 5650 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Reporting : Latest Blocked Websites

PAGAN

I was trying to figure out how to use the Reports in Sophos to give me a list of :

Latest Blocked Websites

.

For the last week (past 7 days)

.

Grouped by User

.

Each event Listed

.

I can get a Summary such as :  USER has  3 Events

But what I'd like to see is the actual events listed

Anyone got a quick walkthrough for me to make this ?

:12251


This thread was automatically locked due to age.
  • 0

    I got the SQL code I wanted :

    ..........................................

    SELECT     TOP (100) PERCENT dbo.ComputersAndDeletedComputers.Name, dbo.Events.ReportingName, dbo.Events_WebFilteringData.BlockedSite,
                          dbo.Events_WebFilteringData.ReferringURL, dbo.Events.EventTime
    FROM         dbo.ComputersAndDeletedComputers INNER JOIN
                          dbo.Events ON dbo.ComputersAndDeletedComputers.ID = dbo.Events.ComputerID INNER JOIN
                          dbo.Events_WebFilteringData ON dbo.Events.ID = dbo.Events_WebFilteringData.EventID
    ORDER BY dbo.ComputersAndDeletedComputers.Name, dbo.Events.EventTime DESC

    ..........................................

    Anyway to get it into the REPORTS table ?

    It is currently saved as a SQL-VIEW

    I'd like it to be available in the table REPORTS, and then allow it to be scheduled from the Mangement Console

    How do I go about getting this SQL code to be a Report in the Management Console ?

    .

    :12271
  • 0

    HI,

    This is not possible from within SEC.  The closest thing to what you are trying to do that is supportable is using the reporting interface:

    /search?q= 8285

    There are really 2 parts to the reporting interface:

    1. the updates to the SOPHOS database which includes the new tables, views and functions.
    2. the service you can install to generate log files which is optional.

    Point 1 is a supportable interface defined by SQL views to be used by reporting clients such as Crystal, SQL Reporting Services, etc..  The second is intended to be used in conjunction with Splunk. I.e in an XML config files you can define what you wish to be logged, at what frequency at to where.  Splunk then comes along and imports the data for reporting purposes.

    Regards,
    Jak

    :12277
Unfiltered HTML