Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            Netsweeper - Checking Logs

            Modified on Wed, 22 May at 1:02 PM 

            This article provides information on checking logs on Netsweeper. For this article, you require:
- A Netsweeper account.


            It is important to remember that while the logs may show an inappropriate site, this could have been a blocked advert or a process in the background. The logs should be used in parallel with safeguarding products such as Senso!



            1) Go to your Netsweeper account and log in. (The URL is different for various schools.)



            2) Go to Reports -> Custom Report.


            3) Fill in the following fields:

            Name - Whatever you wish to name the report.

            Description - However you wish to describe the report.

            Report Type - Keep it as Demand

            Date Range - Placed in the from and to dates/times you wish to use. (Place at least 10 minutes before and after the incident to gain an accurate understanding from the logs.)


            Filters - Select Add Filter and add in the field which you wish to filter by such as IP Address of the device (Client IP Address), Name of the device (Client Name). You can then set the CONDITION such as equal to and the VALUE of what you are searching for.


            In most cases it is reliable to do:

            For the filters, choose
            Field: 'Client IP'
            Condition: 'Equal to'
            Value: (Found on your Netsweeper alert if that is what your investigating)



            The report Output is set by selecting ADD REPORT DETAILS and then going to FIELDS and adding the columns you wish to view such as Date, URI and Search terms. If you are unsure, you should add every column.


            To determine if something was blocked, look at the Denied Flag column and the Protocol column:

                  These are the ones to look at:
                  Denied Flag: Denied            Protocol: https Meaning: Access to the website or search results was blocked
                  Denied Flag: Enabled          Protocol: https Meaning: Access to the website or search results was allowed

                  These are the ones to ignore in this instance:
                  Denied Flag: Denied            Protocol: decrypt Meaning: Access to the website or search results was packet inspected (has not affected on being blocked or not)
                  Denied Flag: Enabled          Protocol: decrypt        Meaning: Access to the website or search results was NOT packet inspected (has not affected on being blocked or not)


            Remember to click save.


            Any questions please visit help.concero.education


            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select at least one of the reasons
            CAPTCHA verification is required.

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0