Wfquery

Latest revision as of 15:46, 8 May 2023

[edit] 1 Internet Usage Monitoring

The "Internet Usage Monitoring" module records internet activities, including:

Web Surf
Web Post
Outgoing Emails
Incoming Emails
File Upload History
File Download History
IM Accounts
FTP/Telnet Sessions
IP-MAC History
Connection Details

This module works both in "gateway mode" and "bridge mode". Enterprise license is required.

[edit] 2 Recording Policy

For every client, multiple policies can be applied. For example:

A policy: record web surfing for a whole subnet.
B policy: enable "email recording" for a special IP in this subnet.

For this ip, both "web surfing recording" and "email recording" will be enabled.

Detailed "recording policy" settings are described in below.

[edit] 2.1 Web Recording

Web Surf: record titles of visited web pages for http websites. For https websites, only domains will be recorded in default. To record https webpages, please check "SSL Inspector".
Web Post: record web post content for http websites. To record https websites posts, please check "SSL Inspector".
Web Post Size Limit: no recording of web post exceeds size limit.
Smart Filter: With this feature enabled, WFilter will not record visits by non-human. (Not 100% accurate)
Domains Exception: no recording of domains in the exception list. Wildcards "*?" are supported.

[edit] 2.2 Email Recording

Emails supported: SMTP, POP3, IMAP4 and outgoing web-based emails.
For emails exceed size limit, only subject/from/to will be recorded.
To record ssl emails(SMTP/POP/IMAP over SSL), please check "SSL Inspector".

[edit] 2.3 File Transfers

File transfers supported: FTP upload, FTP download, Web download, Web upload.
WFilter only records filenames/URLs of downloaded files. While full file content can be recorded for uploading files.
For uploading files exceed size limit, only filenames can be recorded.
To record files via https, you need to enable "HTTPS Inspector".

[edit] 2.4 Others

Options to enable IM acounts and FTP/Telnet sessions.

Only QQ messenger IDs can be recorded.
When "FTP/Telnet Sessions" is enabled, sent FTP/Telnet commands can be recorded.
IP-MAC History: daily IP-MAC address history.
Connections: detail of TCP connections history.

[edit] 3 Advanced Settings

[edit] 3.1 System

IPv6: enable recording of IPv6 activities.
Database Commit: the database commit frequency.
Additional Webmail Domains: Custom webmails to be recorded.
Protocol Ports, customize protocols ports for HTTP, HTTPS, POP3, IMAP4 and SMTP.

@@ Line 1: / Line 1: @@
-{{DISPLAYTITLE:Internet Usage}}
+{{DISPLAYTITLE:Internet Usage Monitoring}}
-= Recording Policy =
+== Internet Usage Monitoring ==
-* 设置需要记录的内容，如果应用对象对应了多个记录级别，则对应的记录级别一起生效。
+The "Internet Usage Monitoring" module records internet activities, including:
-== Record Content ==
+* Web Surf
+* Web Post
+* Outgoing Emails
+* Incoming Emails
+* File Upload History
+* File Download History
+* IM Accounts
+* FTP/Telnet Sessions
+* IP-MAC History
+* Connection Details
+This module works both in "gateway mode" and "bridge mode". Enterprise license is required.
+[[File:Wfrecorder_query1.png|800px]]
+[[File:Wfrecorder_query2.png|800px]]
+[[File:Wfrecorder_query3.png|800px]]
+[[File:Wfrecorder_queryftp.png|800px]]
+[[File:Wfrecorder_queryim.png|800px]]
+[[File:Wfrecorder_querysessions.png|800px]]
+[[File:Wfrecorder_querysessions.png|800px]]
+[[File:Wfrecorder_queryconnections.png|800px]]
+== Recording Policy ==
+For every client, multiple policies can be applied. For example:
+* A policy: record web surfing for a whole subnet.
+* B policy: enable "email recording" for a special IP in this subnet.
+For this ip, both "web surfing recording" and "email recording" will be enabled.
+Detailed "recording policy" settings are described in below.
 === Web Recording ===
-<p>'''网页浏览记录'''：记录访问的web网页标题，该功能不能记录https网站的页面标题（只记录域名），如需记录https网页的页面标题，请启用“HTTPS监控”。</p>
+* '''Web Surf''': record titles of visited web pages for http websites. For https websites, only domains will be recorded in default. To record https webpages, please check [[Sslinspect|"SSL Inspector"]].
-<p>'''网页粘贴记录'''：记录通过网页发送的内容，比如论坛发帖、网页附件上传等。可以对记录内容的大小进行设置。该功能不能记录https网站的发送内容，如需记录https网页的发送内容，请启用“HTTPS监控”。</p>
+* '''Web Post''': record web post content for http websites. To record https websites posts, please check [[Sslinspect|"SSL Inspector"]].
-<p>'''HTTPS监控'''：该功能可以监控https网站的网页浏览和网页粘贴的内容。HTTPS监控基于中间人拦截的技术，会把https网站的原始证书替换掉，从而解密其内容。为了使客户机的浏览器不提示证书告警信息，您可以在“高级配置”中下载证书并导入客户机的“受信任的根证书颁发机构”。</p>
+* '''Web Post Size Limit''': no recording of web post exceeds size limit.
-<p>'''智能过滤Web记录'''：自动过滤掉非人工访问的网址。该功能由程序自动进行判断，可以有效过滤掉一些非人工访问的网站，不过不能100%过滤掉。</p>
+* '''Smart Filter''': With this feature enabled, WFilter will not record visits by non-human. (Not 100% accurate)
-<p>'''不记录的域名'''：任何与配置在列表中的域名有关的内容将不被记录。</p>
+* '''Domains Exception''': no recording of domains in the exception list. Wildcards "*?" are supported.
-[[文件:Wfrecorder_setweb.jpg]]
+[[File:Wfrecorder_setweb_en2.png|650px]]
 === Email Recording ===
-<p>'''邮件发送记录'''：记录发送的邮件内容，支持SMTP、POP3、IMAP4和发送的网页邮件。如需记录SSL邮件，您需要启用“SSL邮件监控”功能。否则不记录通过SSL加密的客户端邮件内容。超过大小限制的邮件不会被记录。</p>
-<p>'''邮件接收记录'''：记录接收的邮件内容，支持SMTP、POP3、IMAP4。如需记录SSL邮件，您需要启用“SSL邮件监控”功能。否则不记录通过SSL加密的客户端邮件内容。超过大小限制的邮件不会被记录。</p>
-<p>'''SSL邮件监控'''：该功能用于监控SSL加密的客户端邮件，如需监控https的网页邮件，需要启用“HTTPS监控”功能。同“HTTPS监控”功能用于，“SSL邮件监控”会替换掉原始证书，从而导致某些邮件客户端产生告警信息。</p>
-[[文件:Wfrecorder_sermail.jpg]]
-== 高级设置 ==
+[[File:Wfrecorder_sermail_en.jpg|650px]]
-* 该页面可以对一些高级的选项进行设置。
-[[文件:Wfrecorder_advanced.jpg]]
+* Emails supported: SMTP, POP3, IMAP4 and outgoing web-based emails.
-=== 证书设置 ===
+* For emails exceed size limit, only subject/from/to will be recorded.
-* 可以查看当前证书的信息，并且重新生成证书和下载证书。该证书会用于在“SSL监控”中替换网站的现有证书，您可以下载该证书并导入到客户机的“受信任的根证书颁发机构”，从而使客户机浏览器不再出现证书告警。
+* To record ssl emails(SMTP/POP/IMAP over SSL), please check [[Sslinspect|"SSL Inspector"]].
-<p>'''生成证书'''：填写相对应的信息后，会根据填写的信息生成一个证书，其中“国家”，“省份”，“城市”，“组织”和“通用名”是必填项，填写时只能输入英文字符。</p>
-<p>'''下载证书'''：可以下载当前证书，导入到客户机的“受信任的根证书颁发机构”后，客户机浏览器不再出现证书告警。</p>
+=== File Transfers ===
-[[文件:Wfrecorder_setcrt.jpg]]
+[[File:Wfrecorder_settings_ftp.png|650px]]
+* File transfers supported: FTP upload, FTP download, Web download, Web upload.
+* WFilter only records filenames/URLs of downloaded files. While full file content can be recorded for uploading files.
+* For uploading files exceed size limit, only filenames can be recorded.
+* To record files via https, you need to enable "HTTPS Inspector".
+=== Others ===
+[[File:Wfrecorder_settings_other.png|650px]]
+Options to enable IM acounts and FTP/Telnet sessions.
+* Only QQ messenger IDs can be recorded.
+* When "FTP/Telnet Sessions" is enabled, sent FTP/Telnet commands can be recorded.
+* IP-MAC History: daily IP-MAC address history.
+* Connections: detail of TCP connections history.
+== Advanced Settings ==
+=== System ===
+* '''IPv6''': enable recording of IPv6 activities.
+* '''Database Commit''': the database commit frequency.
+* '''Additional Webmail Domains''': Custom webmails to be recorded.
+* '''Protocol Ports''', customize protocols ports for HTTP, HTTPS, POP3, IMAP4 and SMTP.
-=== 系统设置 ===
+[[File:Wfrecorder_advanced_en2.png]]
-<p>'''开启调试模式'''：可以开启调试模式并查看日志文件进行调试。</p>
-<p>'''监控缓存大小'''：用于监控和记录的缓存区域大小，需要根据被监控机器的台数和记录内容的多少去设置。</p>
-<p>'''数据库提交'''：数据库提交频率。反复对数据库进行提交会占用大量系统资源，我们会根据修改的次数去进行提交，先将提交记录在临时文件中，满足配置的次数后再进行提交，可以减轻系统资源的消耗。</p>
-[[文件:Wfrecorder_setsystem.jpg]]

Wfquery

Latest revision as of 15:46, 8 May 2023

Contents

[edit] 1 Internet Usage Monitoring

[edit] 2 Recording Policy

[edit] 2.1 Web Recording

[edit] 2.2 Email Recording

[edit] 2.3 File Transfers

[edit] 2.4 Others

[edit] 3 Advanced Settings

[edit] 3.1 System

Personal tools

Namespaces

Variants

Views

Actions

Search

Navigation

Tools