Flex Connector Websense WSG 7.5 full logs

1 Likes

ID-Based Database Flex connector to consume Websense logs from a MS SQL Server database

Notes:

  • The database account that you run the connector with must have db_datareader on all partitions of the websense database.  Default name is wslogdb70.  Partitions are wslogdb70_1, and so on.
  • The database account must have execute rights on the dbo.inttoip function

Updated 10/17/2011:

* Now puts full category instead of just parent category for site category

* Fixed issue where arcSight was doing reverse DNS lookup up destination IP  instead of using destination url.

Comment List
Anonymous
Parents
  • We don't use browse time.  However, looking at the views in the Websense database, it appears taht there is a view called "TREND_BROWSE_TIME" with columns Start_Date, LAST_START_TIME, BROWSE_TIME and USER_ID.

    I imagine that you could figure out a way to pull that into ArcSight, but it might have to be a separate connector.

Comment
  • We don't use browse time.  However, looking at the views in the Websense database, it appears taht there is a view called "TREND_BROWSE_TIME" with columns Start_Date, LAST_START_TIME, BROWSE_TIME and USER_ID.

    I imagine that you could figure out a way to pull that into ArcSight, but it might have to be a separate connector.

Children
No Data
Related Discussions
Recommended