TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems! ----------------------------------------------------------------------------
If anyone is using SQL 2000, the sqlxml 3.0 is a real life saver, after few hours of creating stylesheets and a bit of tweaking (IIS 5.1 must be installed) the XML generated output looks fantastic, I suggest that if you have a webmaster, have him/her set up a couple of links to some xml queries in the report formats that you want (sort by source port & ip, destination port & ip, etc...) most competent webmasters should be able to whack it out in an hour or less. The SQL queries used in fast analysis are great examples of the stylesheets that you might want to have made. If this sounds too difficult to you, check it out, it really isn't at all. But I agree, ISS reporting sucks. Even if you send an email to [EMAIL PROTECTED] you not only get zilch back from them, but the enhancments that are made are complete crap (usually just bug fixes) -- how long have we wanted to select multiple events at once and change the responses? How about a *real* asset database that lets you change the name of "network_sensor_1", Or lets you report on versions or policies and stuff? I guess we could complain about this all day long, but at $10,000 a pop, network sensor should have ALL the bells and whistles. TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems! ---------------------------------------------------------------------------- I simply use access as a front end with ODBC connectivity to the SQL database and create customised reporting based on queries I have created. -----Original Message----- From: Super snort To: Lanzilotta, Chris S. (MBS); '[EMAIL PROTECTED]'; [EMAIL PROTECTED] Sent: 9/6/2002 3:34 PM Subject: RE: Site Protector Reporting TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems! ------------------------------------------------------------------------ ---- This is one of my biggest beef with ISS. They have a good engine in detecting intrusion, but does an absolutely poor job in building useful customized reports. Reports generated from WGM presents a lot of repetitive information, which clutters up the report for a security analysis. ISS provides a tool called Fast Analysis, which I personally rename to "Slow and cumbersome analysis". Reports generated cannot be automatically saved into a different format. To export the format, you will have to cut and paste into a spreadsheet, then "saved as" a different format. ISS, wake up! We need useful information, not raw data! Provide us a simple front end that will allow us to query the database, and customize the reporting layout. Recipient of these report varies from management to security analysis. Without this function, the presence of IDS is almost useless! Snort Snort --- "Lanzilotta, Chris S. (MBS)" <[EMAIL PROTECTED]> wrote: > >TO UNSUBSCRIBE: email "unsubscribe issforum" in the >body of your message to >[EMAIL PROTECTED] Contact [EMAIL PROTECTED] >for help with any problems! > ------------------------------------------------------------------------ ---- > >I would kill for this... Well maybe not kill, but >you get the point!!! > >This is just one of the sorely missed features that >should have been >released in SiteProtector from the start. I keep >hearing it will be in the >next release, whenever that is. > >-----Original Message----- >From: Simon Desmeules [mailto:[EMAIL PROTECTED]] >Sent: Thursday, September 05, 2002 2:51 PM >To: [EMAIL PROTECTED] >Subject: Site Protector Reporting > > > >TO UNSUBSCRIBE: email "unsubscribe issforum" in the >body of your message to >[EMAIL PROTECTED] Contact [EMAIL PROTECTED] >for help with any >problems! > ------------------------------------------------------------------------ ---- > >Hi, > >Site Protector doesn't come along with the reporting >function and wanted to >know if anybody has developed a custom Crystal >Report (.rpt) file to work >with the Site Protector RealSecureDB. If for >example I took a report policy >from the workgroup 6.6 manager and imported it into >Crystal Reports, is >there a way to change all the database values to >point to the new >RealSecureDB? > >best regards, >Simon. > > > > > __________________________________________________ Do You Yahoo!? Yahoo! Finance - Get real-time stock quotes http://finance.yahoo.com ***************************************************************** The information transmitted is intended solely for the individual or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of or taking action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you have received this email in error please contact the sender and delete the material from any computer. **************************************************************** _________________________________________________________________ Chat with friends online, try MSN Messenger: http://messenger.msn.com
