Description of the reporting system and tools on the Astaro Security Gateway

  • Article ID: 115804
  • Updated: 24 May 2012

Description of the reporting system and tools on the Astaro Security Gateway.

Known to apply to the following Sophos product(s) and version(s)

Not product specific

Operating systems

v7, v8

Description of the reporting system and tools

RRD

One part of the reporting system is based on the RRDtool program. The reporting storage consists of several RRD databases storing average values of certain measurements. The data stored in those RRD databases is used to create the reporting graphs by the /usr/local/bin/create_rrd_graphs.pl script. 

The RRDtool is good for showing trends and averages, but is not good for displaying totals - having an average of 10 mails per hour is not the same as having a total of 240 emails per day. Therefore, we added another storage type:

ACCU
As a second type of storage, we implemented 'so-called' ACCU files. These provide accurate absolute numbers, but only over a time period of 30 days. The ACCU files contain data such as the number of login failures, the number of viruses caught, etc. The data is stored in 'buckets per day', so it is very easy to access a specific period of time like today, yesterday, the last seven days, etc.

ADBS
To complete our reporting set, we added the ADBS reporting storage in version 7.0. Since version 7.300, this has been based on the PostgreSQL database. There is database "reporting" which contains tables for what are considered to be our most interesting subsections, like web security, mail security, network accounting. Those tables contain events and their precise timestamps.

 
If you need more information or guidance, then please contact technical support.

Rate this article

Very poor Excellent

Comments