EZproxy

Once logs are received into EventTracker, alerts and reports can be configured into EventTracker.

The following knowledge items are available in EventTracker to support EZproxy monitoring:

Reports

EZproxy - Allowed Traffic Details – This report provides information related to web traffic allowed by EZpoxy, including device name, client address bytes transferred, request type, requested URI, requested URL, user agent type and user agent details fields.
EZproxy - Denied Traffic Details – This report provides information related to web traffic denied by EZpoxy, including device name, client address, error type and error details fields.
EZproxy - Audit Log Purged - This category briefs an administrator about purging of EZproxy audit logs.
EZproxy - System Startup/Shutdown - This category briefs an administrator about EZproxy startup and shutdown.
EZproxy - Allowed Traffic – This KO assists in analysis of web traffic allowed through EZproxy.
EZproxy - Denied Traffic – This KO assists in analysis of web traffic denied through EZproxy.

Report:-

EZproxy - Intrusion Details – This report provides information related to detected intrusion attempts, including user name, source address and attack type fields.

Report:-

EZproxy - User Logon Details – This report provides information related to user logon/logoff events, including user name, source address, logon status and logon details fields.

The configuration details in this guide are consistent with EventTracker Enterprise version 7.X and later, EZproxy v6.X or later .

For more information please refer to the Integration guide.