Home > Burstek LogAnalyzer Support > Burstek LogAnalyzer Support > bt-LogAnalyzer SETM Frequently Asked Questions

bt-LogAnalyzer SETM Frequently Asked Questions

GENERAL INFORMATION

Q: Do you support Microsoft’s Forefront Threat Management Gateway 2010 (TMG)?

All Burstek products support TMG

TOP

Q: LogAnalyzer SE™ hardware requirements?

There are no specific hardware requirements for LogAnalyzer SE™. If you can run IIS 6.0 or later, and SQL 2005 or later, and follow Microsoft Best Practices regarding hardware for these platforms, then LA SE™ can be installed as well.

Any modern machine with dual/multi-core processors and at least 4GB of RAM will be sufficient for most companies needs. Of course, the more processing power and RAM, the higher the performance of the reporting software.

TOP

Q: What are the Required Fields for LogAnalyzer SE™?

  1. Client IP (c-ip)
  2. Client User Name (cs-username)
  3. Date (date)
  4. Time (time)
  5. Processing Time (time-taken)
  6. Bytes Sent (cs-bytes)
  7. Bytes Received (sc-bytes)
  8. Protocol (cs-protocol)
  9. Operation (s-operation)
  10. Object Name (cs-url)
  11. Object MIME (cs-mime-type)
  12. Result Code (sc-status)
TOP

Q: LogAnalyzer SE™ Sizing Guideline?

The information listed below should be used to form a starting point for environment design when deploying LogAnalyzer SE™. It is highly recommended you do initial load testing to determine a baseline for additional performance considerations.

Test Platform

Servers:

A) HP DL380 G4 (SQL 2005 Server)

  1. Dual Intel Xeon 3.6GHZ processors
  2. 4 GB PC2-3200 400MHz Memory
  3. 6x 10KRPM 72GB U320 Hard Drivers

      4. 1x R1 – Operating System (2 Drives)

      1xR0 – Data Files (2 Drives)

      1xR0 – Log Files (2 Drives)

  4. Gigabit Server Adapter
  5. Server 2003 Standard SP2
  6. SQL 2005

B) Lenovo 8702 (Web Server)

  1. Intel Core 2 Quad 2.3GHZ Processor
  2. 6 GB SDRAM
  3. 600GB 7200 RPM SATA Hard Drive
  4. Gigabit Network Adapter
  5. Server 2008 R2 Standard

Data Size: 2 GB

Load/Categorization Time: 7-9 Hours

*Report Times: 3 Minutes for Executive Report / 20 Minutes for Enterprise Summary Report / ~60 Minutes each for Complete User Audit Detail and Global Report Types

Database Size after Load: 3.4 GB (Does not include Reports Database)

Total Number of Records: ~6 Million

*Report Times subject to selections and configuration options. Heavy detailed reports over large time periods will increase report times.

TOP

APPLICATION CONFIGURATION

Q: How to Purge LogAnalyzer SE™ databases: Manual and Automatic?

To maintain a manageable LogAnalyzer SE database size, the database for log data must be purged periodically. This is done on a per-log source basis, and can be done either manually or automatically.

Manual Purge:

  1. In the ‘Log Source List’ page, select/highlight the desired log source to purge
  2. In the left-hand menu and under the ‘Log Source List’ section, select the ‘Purge Data’ option
  3. You are given the option to purge pre-set time intervals, a custom time interval, or to completely purge all log data. Once you select the desired amount of log data to purge, click the ‘Purge’ button, then click ‘OK’ to begin the purge

Automatic Purge:

  1. In the ‘Log Source List’ page, navigate to the properties of the log source that is to be automatically purged
  2. Click on the ‘Automatic Purge’ tab
  3. Mark the checkbox labeled ‘Delete log data older than _ calendar days, according to the following schedule:’, then input the desired value for the maximum age of log data
  4. Enter the date and time to start the purge
  5. Select your desired ‘Recurrence Schema’
  6. If desired, notifications for purge success and/or failure can be configured to be sent to the specified email recipients

    NOTE: The SMTP settings must be configured in the application for email notifications to function properly.
  7. Once the desired settings have been configured, save the changes by clicking ‘OK’ or ‘Apply’
  8. The automatic purge operation will begin on the configured date/time, and will recur as configured
TOP

Q: How to delete obsolete reports to maintain Database size?

  1. Launch the bt-LogAnalyzer SE™ Web Interface
  2. Login to the application with the Administration password in the upper right corner
  3. Click on the 'Reports' option on the top navigation bar
  4. Locate the report that you want to clear the results for and select 'Report Generation History' from the 'Reports' Quick Navigation bar on the middle left of the page
  5. Highlight the report results and select 'Delete Report Result
TOP

Q: Restrict access to LogAnalyzer SE™?

To restrict access to the LogAnalyzer SE™ interface to authorized users you will need to configure the site permissions in IIS.

In IIS5:

  1. Open Internet Information Services and navigate to the properties of 'LogAnalyzer7'
  2. On the 'Directory Security' tab, click 'Edit' under the 'Anonymous access and authentication control' section
  3. Make sure 'Integrated Windows authentication' is unchecked, and that 'Basic authentication' is checked
  4. Click 'OK', then Click 'OK' again
  5. Go to the web directory for LogAnalyzer SE™ and modify the properties for the accounts that should have access to the interface. Make sure the account used by the LAEEAppPool has Read and Execute, List Folder Contents, Read, and Write permissions
  6. Open a Command window and type 'IISRESET'
  7. When the services have been restarted, test the accounts that should have access

In IIS6:

  1. Open your IIS Manager and Navigate to the 'Properties' of 'LogAnalyzer 7'
  2. In the 'Directory Security' tab, click 'Edit' under the 'Authentication and access control' section
  3. Make sure 'Integrated Windows authentication' is unchecked, and that 'Basic authentication' is checked.
  4. Click 'OK', then Click 'OK' again
  5. Navigate to the 'Permissions' section of 'LogAnalyzer 7.' Here is where you can configure what users/groups will have access to LogAnalyzer. Make sure to include the LAEEAppPool 'Identity' account as well. This can be verified by navigating to the properties of 'LAEEAppPool', and checking the account under 'Identity'
  6. Open a Command window and type 'IISRESET'
  7. When the services have been restarted, test the accounts that should have access

In IIS7:

Ensure that the LAEEAppPool is running with an account that has permissions to the LASE Databases:

  1. Open Internet Information Services (IIS) Manager on the server where the LogAnalyzer SE™ interface is installed
  2. Expand the Web server under the 'Connections' area
  3. Click on 'Application Pools'
  4. The 'LAEEAppPool' application pool should be listed in the middle screen. It will have a column labeled 'Identity.' This account must have rights to the LogAnalyzer SE™ Databases
  5. To change the account used by the identity, right click on the 'LAEEAppPool' and select 'Advanced Settings'
  6. Under the 'Process Model' section, click on the field to the right of 'Identity'
  7. Click on the 3-dot button
  8. Select 'Custom Account' and press the 'Set' button
  9. Enter the 'User Name' in the following format (DOMAIN\USER)
  10. Enter the password and confirm
  11. Click 'OK' to this screen and then 'OK" at the 'Application Pool Identity' and 'Advanced Settings' dialogs
  12. Under 'Actions' on the right side of IIS Manager, select the 'Stop' then 'Start' options under 'Application Pool Tasks'

To change the authentication type of the LogAnalyzer SE™ webpage:

  1. Expand the 'Sites' container under the Web server in IIS Manager 'Connections' window (Default install of the LogAnalyzer SE™ Interface)
  2. Click on 'LogAnalyzer7'
  3. Double-click on 'Authentication' in the 'IIS' section of the middle screen
  4. Make sure 'Basic Authentication' is enabled, and 'Windows Authentication' is 'Disabled'. If 'Windows Authentication' is 'Enabled', the user will not be prompted with a logon box when accessing the URL

To add the users/groups that will only have access to LogAnalyzer SE™:

  1. Right-click 'LogAnalyzer7' in the left-hand 'Connections' menu
  2. Click 'Edit' Permissions'
  3. In the 'Web Interface Properties' window, click the 'Security' tab
  4. Click the 'Edit' button
  5. Remove all groups and usernames and user names that should not have access to the interface
  6. Ensure that the identity used by the LAEEAppPool has 'Full Control'
  7. Add any users that should have access and set the following permissions:
    a) Read & Execute
    b) List folder contents
    c) Read
TOP

Q: How do I adjust the bandwidth cost factor?

  1. Open the bt-LogAnalyzer Web Interface
  2. Enter the password for the interface in the upper right corner
  3. Click on 'Settings' from the task bar
  4. Click on 'Factors'
  5. Enter the desired 'Bandwidth Cost Factor (per KiloByte)' value
  6. Click 'OK'

    7. Note: If you don’t wish to report on bandwidth cost factor, set factor to zero.

TOP

Q: How do I create a Custom Category?

  1. Open the bt-LogAnalyzer Web Interface
  2. Enter the password for the interface in the upper right corner
  3. Hover over 'Categories' on the task bar and select 'New Category' from the drop-down menu that appears
  4. Enter the Name and Description of the Category (Common Options tab)
  5. Click the Included URLs tab
  6. Enter the desired URL, website, or webpage to include into the category. Asterisks (*) may be used as wildcards. For example, to include the entire acme.com website, you would include two masks: *//acme.com* and *.acme.com*.This would ensure that both http://acme.com* and http://www.acme.com* are both categorized alike
  7. Click Add
  8. Repeat as necessary

If you would like to enter a Web site or Domain, but eliminate a particular page:

  1. Click the Excluded URLs tab
  2. Enter the desired URL, website, or webpage to exclude from the category. Asterisks(*) may be used as wildcards. For example, to exclude the fake.acme.com webpage, you would include two masks in the ‘Exclude’ tab: *//fake.acme.com* and *.fake.acme.com*. This will result in http://www.acme.com*, http://acme.com*, and any sub domain other than http://fake.acme.com being categorized as the newly created category
  3. Click Add
  4. Repeat as necessary
TOP

Q: How do I add a new URL to a category in bt-LogAnalyzer SE™?

  1. Open the bt-LogAnalyzer Web Interface
  2. Enter the password for the interface in the upper right corner
  3. Hover over 'Categories' on the task bar and select 'Category List' from the drop-down menu that appears
  4. Locate the category that you want to modify and select the Categories Properties button next to the red X on the right side of the table
  5. Click on the 'Included URLs' option
  6. Enter the proper masks for the URL that you would like to include in the category. (See 'How do I create an appropriate URL mask?')
  7. When completed click 'Add'

    8. Note: The new masks will take effect for all categorization operations after this date. To have data previously categorized utilize the new masks, please categorize all existing log data.

TOP

Q: How do I create an appropriate URL mask?

Typically the user would use two separate masks to safely filter a certain domain into a desired category.

The following examples are how the masks would be input for the domain example.com:

*.example.com*;*//example.com*

Note: Multiple masks can be entered at once when separated by a semicolon (;)

TOP

Q: How do I change Category Colors in bt-LogAnalyzer SE™?

  1. Open the bt-LogAnalyzer Web Interface
  2. Enter the password for the interface in the upper right corner
  3. Select 'Settings' then 'Properties' from the drop-down menu
  4. Click the Colors tab
  5. Select the appropriate Category
  6. Click the icon for the 'Category Color Properties' next to the red X on the right side
  7. Select a basic color or enter the RGB color numbers
  8. Click OK
TOP

Q: Setup Distributed Report Processing in bt-LogAnalyzer SE™?

The Distributed Report Processing feature allows bt-LogAnalyzer users to process reports on multiple machines and aggregate the processing into one report. Following are some benefits:

  1. Multiple servers can run reports against their own logs. This distributes the workload to run reports lowering Network Bandwidth (log data is not transferred).
  2. Only the summary of the report is sent back by the Remote Server to the Virtual Report Server reducing Network Bandwidth.
  3. The Distributed Report Processing feature provides a transparent (“LAN-like”) communications over Local Area Networks and Virtual Private Networks.

Following are the steps to setup and initiate this functionality:

  1. Select Settings | Properties from the drop down menu
  2. Click the Distributed Reports tab
  3. Select New Distributed Server from the left navigation pane
  4. Enter the name for the LogAnalyzer SE™ distributed (remote) server(s)
  5. Click OK
  6. Select Reports in the left navigation pane
  7. Select the appropriate report from the list
  8. Click the Advanced tab
  9. Check the box for Run this report at remote servers
  10. Click OK
TOP

REPORT CONFIGURATION

Q: How do I view LogAnalyzer SE™ output in Excel?

From the 'Reports' section of the interface, highlight your report and select the 'Export to 'XML' function from the Quick Nav Reports section on the left side of the interface.

You can then open the XML file via Excel and modify the report as needed.

TOP

Q: How do I generate a user count for a specific date range for a specific Log Source from LogAnalyzer SE™?

  1. Create a new report in LogAnalyzer SE™
  2. On the ‘Common Options’ tab, select ‘Global’ and clear all the checkmarks in the report types section. Select only ‘Top Web Sites'
  3. Configure the report date range and Log Source
  4. Ensure the ‘Maximum report lines’ is unchecked
  5. Generate the report and look at the Total for the 'Users' column
TOP

Q: How do I configure LogAnalyzer SE™ to automatically email reports to recipient(s)?

Configure your SMTP server in the LogAnalyzer SE™ settings:

  1. Click 'Settings' from the header menu of LogAnalyzer SE
  2. Navigate to the 'E-mail Options' tab
  3. Enter the Email address of the account to be used for sending email
  4. Enter the name of the SMTP server (IP address or DNS).This is the mail server that bt-LogAnalyzer SE™ will use to Email reports
  5. Enter the SMTP server port (Default is port 25)
  6. If your SMTP server requires authentication, select the checkbox and complete the 'SMTP Server Authentication Parameters' section
  7. Click “OK” to set these options

Configure the desired report to email upon report generation in the 'Distribution' tab:

  1. Navigate to the properties of the report you want to setup distribution for
  2. Click on the 'Distribution' tab

    Note: There are two options: (1) you can setup the reports to email them, or (2) you can save them to the local system, or a network drive (UNC Path).
  3. For emailing, configure the email recipient(s) that will receive the reports. These recipients can be added by selecting 'New Recipient' in the left-hand menu, while on the 'Distribution' tab page
  4. Click the 'Apply' button. Click the 'Ok' button
TOP

Q: How do I generate a report for the Top 10 Websites for the Top 10 users?

LogAnalyzer allows you to 'filter' on previously generated reports.

Top 10 Users 1:

  1. Select 'Reports | New Report' from the drop-down menu
  2. Enter a Name and Description (Top 10 Users)
  3. Ensure the 'Report Type' is set to 'Global'
  4. Check the box for 'Top Users Activity - Web Pages'
  5. Check the box for 'Maximum Report Lines' and enter 10
  6. Click 'Apply'
  7. Click the 'Customize' tab
  8. Click the 'Edit' button for 'Date/Time'
  9. Enter the required date/time interval for the report
  10. Click 'Apply' then 'OK'
  11. Click the 'OK' button to return to the main reports screen
  12. Run the report by clicking the green Start Report icon, right of the Report Description

Top Web Sites 2:

NOTE: Before proceeding with the following steps, ensure the 'Top 10 users' report has finished.

  1. Select 'Reports | New Report' from the drop-down menu
  2. Enter a Name and Description (Top 10 Web sites for the Top 10 Users)
  3. Click the option button for 'User Audit Detail'
  4. Check the box for 'Top Web Sites'
  5. Check the box for 'Maximum Report Lines' and enter 10
  6. Click 'Apply'
  7. Click the 'Customize' tab
  8. Click the 'Edit' button for 'Date/Time'
  9. Enter the required date/time interval for the report
  10. Click 'Apply' then 'OK'
  11. Click the 'Edit' button for 'Reports'
  12. Check the box for "Top 10 Users" Report you created in the previous section
  13. Click 'Apply' then 'OK'
  14. Click 'OK' again to return to the main report screen
  15. Run the report by clicking the green Start Report icon, to the right of the Report Description

This will display 10 'Top web Sites' sections, separate for each of the top 10 users.

TOP

Q: How do I generate an Email report for a specific email address?

  1. Create a new report by click on the 'New Report' option in the Quick Nav section on the left side of the report window
  2. Enter a name for the report
  3. Under 'Report Type' select 'User Audit Detail'
  4. Using the list of reports below, select the report/s for the detail you wish to see
  5. Click 'Apply' then select the 'Customize' tab
  6. Click 'Edit' next to the 'Users' section
  7. Select the ‘Individual users, groups…' option
  8. Click ‘New Email’ from the middle left of the screen
  9. Add the e-mail address and ‘OK’
  10. Click 'Apply' and 'OK'
  11. Click 'OK'
  12. Select the type of report that you want:

    User Audit Detail: User and Recipients

    'Top Users - Total Email Activity' - Displays total number of emails for each address
    'Top Users - Total Email Volume' - Displays total mail size for each email address
    'Top Users - Outbound Email Activity' - Displays total emails sent for each address
    'Top Users - Outbound Email Volume' - Displays total mail size for each address mail sent to
    'Top Users - Inbound Email Activity' - Displays total emails received from each address
    'Top Users - Inbound Email Volume' - Displays total mail size for each received from address
    'Top Outbound Email Addresses' - Displays top email addresses sent to
    'Top Inbound Email Addresses' - Displays top email addresses received from
    'Email Details' - Shows Date/Time, Sender, Recipients, Directions, and Size (KB) of each email

    Global: User Only

    'Top Users - Total Email Activity' - Displays total number of emails for each address
    'Top Users - Total Email Volume' - Displays total mail size for each email address
    'Top Users - Outbound Email Activity' - Displays total emails sent for each address
    'Top Users - Outbound Email Volume' - Displays total mail size for each address mail sent to
    'Top Users - Inbound Email Activity' - Displays total emails received from each address
    'Top Users - Inbound Email Volume' - Displays total mail size for each received from address
    'Top Outbound Email Addresses' - Displays top email addresses sent to
    'Top Inbound Email Addresses' - Displays top email addresses received from

TOP

INSTALLATION MAINTENANCE AND TROUBLESHOOTING

Q: How do I automatically update the Control List?

  1. In the LogAnalyzer SE user interface, Select ‘Categories’ | ‘Import Categories’
  2. Select the ‘Automatic Updates’ tab
  3. Ensure that the ‘Enable automatic update’ check box is enabled/checked
  4. Enter the desired time to download the Control List, and then select the desired recurrence. Be sure to leave the default download URL: http://www.burstek.com/release/v4
  5. If LASE is behind a proxy server that requires authentication for internet access, enter the necessary credentials in the ‘Run automatic updates as’ section, then click ‘Apply’
  6. If you would like to be notified of successful and/or failed attempts to download the Control List, you can navigate to the ‘Notification Delivery’ tab, and select the desired options

NOTE: The SMTP settings must be configured in the application for email notifications to function properly.

TOP

Q: How to perform a bt-LogAnalyzer SE™ Database backup?

NOTE: These steps require Microsoft SQL Server Management Studio. This can be downloaded for free from Microsoft here if you do not have the full version of SQL. If you use the Express version of SSMS you will not be able to automate the backup process however.

WARNING: Please ensure that a 'Settings Export' is performed immediately before or after the database backups to ensure information is in sync if a restore is ever needed.

  1. Open the Microsoft SQL Server Management Studio and Connect to the SQL server where bt-LogAnalyzer SE™ is installed
  2. Expand the 'Databases' container object
  3. Right click on the 'LAEE_Data' database and select 'Tasks -> Backup'
  4. Make the appropriate selections for your environment and click 'OK'
  5. Once the backup completes, perform the same steps above for the following 2 databases:
        - LAEE_Data
        - LAEE_Settings
  6. If you are using the SSMS application that comes with SQL Server, you may want to use the Maintenance Plan Wizard to create Automatic Periodic Database Backups
TOP

Q: How do I export bt-LogAnalyzer SE™ Settings?

NOTE: This procedure does not backup the bt-LogAnalyzer SE™ databases. Please perform a Database backup via SQL Server Management Studio

  1. Login to the bt-LogAnalyzer SE™ Interface by entering the password in the upper right corner
  2. Hover over 'Settings' on the top navigation bar
  3. Select 'Export Settings'
  4. Select the path to use for the export by using the 'Browse' button or type it in the field manually
  5. Click 'Export'
  6. When the 'Export Progress' indicates 'OK' for the three objects, click 'OK'
TOP

Q: How do I schedule automatic backups of bt-LogAnalyzer SE™ Settings?

NOTE: This procedure does not backup the bt-LogAnalyzer SE™ databases. Please perform a Database backup via SQL Server Management Studio

  1. Login to the bt-LogAnalyzer SE™ Interface by entering the password in the upper right corner
  2. Hover over 'Settings' on the top navigation bar
  3. Select 'Backup'
  4. Click the 'Enable automatic settings backup' option
  5. Click the 'Overwrite previous backups' option if you only want to keep the latest backup
  6. Select the path to use for the export by using the 'Browse' button or type it in the field manually
  7. Set the 'Schedule Details' options to your environments requirements
  8. Click 'Apply'
TOP

Q: How do I import settings into bt-LogAnalyzer SE™?

WARNING: Importing LASE Settings without restoring the Database to the time of the Settings Export could result in the application failing to function properly. Please make sure that a Database backup is performed for each new Settings Export.

WARNING: All existing settings will be deleted during the import process. Be sure to export the existing settings prior to performing the steps below.

  1. Login to the bt-LogAnalyzer SE™ Interface by entering the password in the upper right corner
  2. Hover over 'Settings' on the top navigation bar
  3. Click on 'Import Settings'
  4. Enter the path to the Exported Settings folder
  5. Make sure the correct format is chosen regarding the import files
  6. Click 'Import'
TOP

Q: How do I recover a lost password for the LogAnalyzer SE™ web interface?

If you lose your admin password for LogAnalyzer SE™, you'll need to manipulate the SQL database manually. The password is stored in the LogAnalyzer SE™ LAEE_Settings database in this table column: dbo.AppSettings.AdminPassword.
It is necessary to use SQL Server Management Studio or any similar tool for writing a new value into this field. The SQL management studio is not installed with the LogAnalyzer SE software, and requires a separate download from Microsoft.

The express version can be found at:

http://www.microsoft.com/downloadS/details.aspx?familyid=C243A5AE-4BD1-4E3D-94B8-5A0F62BF7796&displaylang=en

If you are using the full version of MS-SQL, please use the Management Studio version that is included with the software.

The password for the LogAnalyzer SE™ interface is located in the settings database. To retrieve the information, follow the steps below:

  1. Download and Install Microsoft SQL Server Management Studio if you do not currently have it installed
  2. Connect to the SQL server containing the LogAnalyzer SE™ Databases with the Management Studio application
  3. Open a query window and enter the following script
      USE LAEE_Settings
      SELECT [AdminPassword]
      FROM [LAEE_Settings].[dbo].[AppSettings]
      GO
    1. Execute the script
    2. Review the results window for the password

    NOTE: This script assumes the default name of the LAEE_Settings database. If a different DB name was supplied during the installation of LogAnalyzer SE™ then please make the proper modification to the [LAEE_Settings] entry.

    TOP

    Q: How do I perform a Fresh Install of LogAnalyzer SE™ and attach to existing Databases?

    1. Stop LogAnalyzer Services
    2. Backup existing LAEEConnectionStrings.config under Services and Web Interface
    3. If possible backup LASE Databases:
        a) LAEE_Data
        b) LAEE_Reports
        c) LAEE_Settings

      WARNING: If you are unable to backup the databases, you will have to detach them from the SQL Server to prevent them being deleted during the uninstall.

    4. Uninstall LogAnalyzer 7

      WARNING: Do Not perform step 5 if you have any other Burstek Application s installed on the server.

    5. Delete the 'Burst Technology' folder under 'Program Files'
    6. Reinstall LASE
    7. Specify new name for DB's. EX LAEE_Data_NEW. Failure to provide new database names may result in an error stating the files already exist
    8. Verify proper operation of Interface
    9. Stop LogAnalyzer Services
    10. Use SQL Management Studio to restore the databases backed up in step 3. Otherwise, detach the new Databases and attach the old databases
    11. Modify LAEEConnectionStrings.config to point to original DB names
    12. Start LogAnalyzer Services
    TOP

    Q: Why am I receiving the error 'Login failed for user 'NT AUTHORITY\NETWORK SERVICE' when using IIS 5.x with bt-LogAnalyzer SE™?

    How do I configure the process identity for the ASPNET account in bt-LogAnalyzer SE™

    When you install bt-LogAnalyzer SE™ on a server with IIS 5.x, you may receive an error when launching the bt-LogAnalyzer SE™ Web Interface stating that the 'MACHINE NAME\ASPNET' account does not have the ability to logon. To change the account being used by the ASPNET service for access to the bt-LogAnalyzer SE™ databases, follow the steps below.

    1. Navigate to the following location on the server:

      C:\WINDOWS\Microsoft.NET\Framework\version\CONFIG where version is the number corresponding to the version of NET installed
    2. Open the 'machine.config' file with notepad
    3. Update the following line to include the credentials for the account that has access to the bt-LogAnalyzer SE™ databases:

      system.web
        processModel userName="Domain\Account Name" password="Password for Account" autoConfig="true"/
    4. Save the files
    5. Open a Windows Command Prompt dialog and type 'IISRESET'
    6. Once the Web Server restarts, open the bt-LogAnalyzer SE™ Web Interface and verify functionality

      7. For more information on the IIS Work Process's please visit the following Microsoft KB article 895967

    TOP

    Q: Why am I receiving 'Login failed for user 'NT AUTHORITY\NETWORK SERVICE' when trying to access the LogAnalyzer SE™ interface?

    You may receive this error when the credentials of the user attempting to access the interface do not have permissions to the Databases on a remote SQL server and the LAEEAppPool Application pool identity is set to a local account on the Web Server.

    To resolve this issue, change the Identity of the LAEEAppPool to run as an account that has DBO rights to the three LASE databases:

    • LAEE_Data
    • LAEE_Reports
    • LAEE_Settings
    TOP

    Q: How do I control CPU utilization?

    LogAnalyzer SE™ makes use of multi-core CPU resources, but the number of threads created can be reduced to free resources for other applications on the server.

    By default, LogAnalyzer SE™ creates as many categorization 'threads' utilizing as many CPU cores as are installed on the machine. For instance, for a machine having a single Intel Core2 Quad (4 cores) CPU installed LogAnalyzer SE™ will create four categorization 'threads' so all CPU computing power will be utilized for categorization.

    You may limit the number of categorization threads by setting the
    'BurstTechnology.LogAnalyzerEE.DataCategorizer.MaxThreadCount' parameter to '3' in the LAEEAppSettings.config' file. This parameter determines maximum number of categorization 'threads' created and used by LogAnalyzer SE™. This will limit LA7 to using no more than 75% of total CPU computing power for the log data categorization.

    TOP

    Q: IronPort Logs – not found in dropdown menu?

    To load IronPort logs correctly into LogAnalyzer SE™, select 'Squid Cache' in the 'Log files format'

    TOP

About Us

Burstek's Web Security software provides Internet Filtering and web user Reporting that blocks and reports inappropriate web content from any users, students and employees.

Web Monitoring, Reporting & Filtering

Burstek iSuite

Burstek LogAnalyzer - Web Reporting

Burstek WebFilter - Web Filtering

Free Full Feature 30 day Trial

Contact Us

Burstek
Bonita Springs, FL 34135

800.709.2551 / 239.495.5900

Email: info@burstek.com