On-Premise Endpoint

Sophos Endpoint Software Sophos Reporting : Latest Blocked Websites

On-Premise Endpoint requires membership for participation - click to join

Thread Info

State Not Answered
Locked Locked
Replies 2 replies
Subscribers 1 subscriber
Views 5651 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Reporting : Latest Blocked Websites

PAGAN over 13 years ago

I was trying to figure out how to use the Reports in Sophos to give me a list of :

Latest Blocked Websites

.

For the last week (past 7 days)

.

Grouped by User

.

Each event Listed

.

I can get a Summary such as : USER has 3 Events

But what I'd like to see is the actual events listed

Anyone got a quick walkthrough for me to make this ?

This thread was automatically locked due to age.

Parents

0 jak over 13 years ago

HI,

This is not possible from within SEC. The closest thing to what you are trying to do that is supportable is using the reporting interface:

/search?q= 8285

There are really 2 parts to the reporting interface:

1. the updates to the SOPHOS database which includes the new tables, views and functions.
2. the service you can install to generate log files which is optional.

Point 1 is a supportable interface defined by SQL views to be used by reporting clients such as Crystal, SQL Reporting Services, etc.. The second is intended to be used in conjunction with Splunk. I.e in an XML config files you can define what you wish to be logged, at what frequency at to where. Splunk then comes along and imports the data for reporting purposes.

Regards,
Jak
:12277
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 jak over 13 years ago

HI,

This is not possible from within SEC. The closest thing to what you are trying to do that is supportable is using the reporting interface:

/search?q= 8285

There are really 2 parts to the reporting interface:

1. the updates to the SOPHOS database which includes the new tables, views and functions.
2. the service you can install to generate log files which is optional.

Point 1 is a supportable interface defined by SQL views to be used by reporting clients such as Crystal, SQL Reporting Services, etc.. The second is intended to be used in conjunction with Splunk. I.e in an XML config files you can define what you wish to be logged, at what frequency at to where. Splunk then comes along and imports the data for reporting purposes.

Regards,
Jak
:12277
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data