Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 15 replies
  • Subscribers 2 subscribers
  • Views 7292 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Stats by time and client

johnboy00
I've been using Sophos UTM at home, with a home license, for around a week now.  So far, I really like it a lot!  However, there's one thing I really want but can't seem to find:  Usage statistics by time AND client.  In other words, who's doing what and when.

For example, I would like a graph, by time, for today or yesterday or a specific date, that shows the top 5 or 10 client IP addresses using bandwidth and/or making requests.  It might look something like the attachment.

I'd also like to be able to drill down or filter on an IP address, where I would see bandwidth and requests for that IP address in a table, aggregated by hour.

Is there a report in Sophos UTM that does this already, and I just can't find it?  If not, is there any chance this might be included in a future release?

Thanks,
John


This thread was automatically locked due to age.
Parents
  • 0
    I believe this is where Scott was referencing a Splunk project for Sophos. I use Splunk as well but at a basic level. You could run this search;

    host="UTM NAME" srcip="*" | timechart count by srcip limit=10

    This would provide a visual like you requested using both Firewall and Proxy logs. [:)]
  • 0 in reply to DrewbleIT
    I believe this is where Scott was referencing a Splunk project for Sophos. I use Splunk as well but at a basic level. You could run this search;

    host="UTM NAME" srcip="*" | timechart count by srcip limit=10

    This would provide a visual like you requested using both Firewall and Proxy logs. [:)]


    I have a lot to learn where Splunk is concerned, but that search just about does it!  Thank you!!
  • 0 in reply to johnboy00
    I have a lot to learn where Splunk is concerned, but that search just about does it!  Thank you!!


    You're welcome. [:)]
Reply Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?