6 Replies Latest reply on Jul 23, 2015 7:59 PM by hanif.solarwinds

    Need to extract top web users from TMG logs using LEM

    hanif.solarwinds

      Hi all,

      We just purchased Solarwinds to for our log monitoring.  There is new requirement to extract monthly top 10 web users through TMG 2010 logs using LEM.  Just wandering if anybody using LEM for similar usage?

        • Re: Need to extract top web users from TMG logs using LEM
          nicole pauls

          I'd try using the "Network Traffic Audit - Web Traffic by Source Machine" report. What this tells you is the most # of hits through the proxy server by source, but it doesn't tell you anything about duration of their surfing. If you need to know how long they were on certain sites, I don't think there's a good way to accumulate that data with LEM and the TMG logs.

          1 of 1 people found this helpful
            • Re: Need to extract top web users from TMG logs using LEM
              hanif.solarwinds

              Hi Nicole,

              I would like to gather the amount of bandwidth used and details per authenticated users.

              Current available TMG 2010 Web Proxy Log fields http://technet.microsoft.com/en-us/library/cc441708.aspx ARe these available to LEM when the connector configured?

               

              In summary I like to use following 11 fields are selected for top usage reporting:

               

               

              0                                   Client IP                                  ClientIP                                   c-ip

               

              1                                   Client Username                 ClientUserName                 cs-username

               

              4                                   Log Date                                 logTime                                  date

               

              5                                   Log Time                                 logTime                                  time

               

              7                                   Server Name                        servername                          s-computername

               

              13                                 Bytes Received                    bytesrecvd                            cs-bytes

               

              14                                 Bytes Sent                             bytessent                              sc-bytes

               

              18                                 URL                                           uri                                             cs-uri

               

              19                                 MIME Type                           mimetype                             cs-mime-type

               

              20                                 Object Source                      objectsource                        s-object-source

               

              36                                 URL Category                       UrlCategory                          UrlCategory

               

               

              Best of regards

               

              Hanif