Colasoft Capsa provides five types of logs by default. Each type focuses on one kind of application. The following table describes all five types of logs in the Log tab.
Global Log | Collects logs of other log types in an analysis project. It contains three columns by default: Time, Protocol and Messages. |
DNS Log | Logs DNS queries. It provides useful information such as Time, Client, Client Port, Server, Server Port, Query, State and Result. |
Email Log | Any email sent or received over SMTP/POP3 is logged. Each log record contains Client Address, Client Port, Server Address, Server Port, CC, Size, Attachment, Duration and Average Speed. By going through these records, you can check whether there is any attack via email or any email server attack. |
FTP Log | Each log item is a record of an upload to or download from an FTP server and contains 20 columns: Client Address, Client Port, Server Address, Server Port, Server, Client, Transmission Start Time, Transmission End Time, Duration (sec), Account, Operation Type, File, Transmission Mode, Total Bytes, Server Bytes, Client Bytes, Total Packets, Server Packets, Client Packets and Average Speed. These records help you check whether FTP transmission is working properly and whether there is any FTP attack (uploading or downloading files to/from a host). |
HTTP Log | Records all HTTP activities, including Client Address, Server Address, Request URL, Method, Status Code and Server Response. By looking into these records, you can easily get web browsing activity records, from a specific user up to the whole network, and check whether there is any web attack (via port 80). |
Not every analysis project has all five log types. Which log types you have in an analysis project depends on which analysis modules are selected. Every analysis project, however, has the Global Log.
If a log type appears in the Log tab but contains no records, check whether logging is enabled for that log type (see Log Settings).
Copyright © 2001 - 2010 Colasoft. All rights reserved.