Displaying Firewall Activity by Server
To display information on each of the servers on your system, select 1. Servers from the Rule Wizards screen (STRFW > 45) as shown in Building Firewall Rules with the Rule Wizards.
NOTE: This functionality is limited and differs significantly from the other Rule Wizards.
The Display User Activity (DSPFWUSRA) screen appears:
| Display User Activity (DSPFWUSRA) Type choices, press Enter. User . . . . . . . . . . . . . . > *ALL Name, *ALL Display last minutes . . . . . . *BYTIME Number, *BYTIME Starting date and time: Starting date . . . . . . . . *CURRENT Date, *CURRENT, *YESTERDAY... Starting time . . . . . . . . 000000 Time Ending date and time: Ending date . . . . . . . . . *CURRENT Date, *CURRENT, *YESTERDAY... Ending time . . . . . . . . . 235959 Time Server ID . . . . . . . . . . . *ALL *FILTFR, *FTPLOG, *FTPSRV... Output . . . . . . . . . . . . . * *, *PRINT-*PRINT9 Bottom F3=Exit F4=Prompt F5=Refresh F12=Cancel F13=How to use this display F24=More keys |
Enter information into the screen's fields:
User, <GrpPrf or '%GROUP'
The user or group requesting the activity. This can be a user name, a generic* name, a group name, a group profile, or *ALL for all users.
Display last minutes
To view activity in the immediate past, enter a number corresponding to the number of minutes that you would like to check. For example, to check activity in the past 120 minutes, enter 120 in this field. This value would override starting and ending date and time fields.
Starting date and time
Starting date
The day or date on which the included data begins.
Allowed values include:
- *CURRENT: The current date
- *YESTERDAY: Yesterday's date
- *WEEKSTR: The first day of the current week. By default, this is Sunday.
- *PRVWEEKS: The first day of the previous week
- *MONTHSTR: The first day of the current month
- *PRVMONTHS: The first day of the previous month
- *YEARSTR: The first day of the current year
- *PRVYEARS: The first day of the previous year
- *MON: Monday
- *TUE: Tuesday
- *WED: Wednesday
- *THU: Thursday
- *FRI: Friday
- *SAT: Saturday
- *SUN: Sunday
Starting time
The time on the Starting date at which the included data begins, in HHMMSS format.
Ending date
The day or date on which the included data ends.
Allowed values are the same as for Starting date.
Ending time
The time on the Starting date at which the included data ends, in HHMMSS format.
Server ID
The server that the activity is attempting to access. To see a list of possible values, press the F4 key.
Output
The destination for the output. To continue on the screen, leave it as the default asterisk ("*"). Set the field to a value from *PRINT1 through *PRINT9 to send it to another destination, as defined within iSecurity Base Configuration.
Press Enter to continue to the next screen. The Transaction Summary by Type for User screen appears:
| Transaction Summary by Type for User: *ALL Period: 04/03/20 - 04/03/20 Type options, press Enter. Not secured 2=Reject all 6=Reject all+Log rejects+FYI from default Secured+Not active L L F Secured+Active v o Y Opt Server Name/Description l g I Count Last Used *** Firewall Network Security *** FILTFR Original File Transfer Function SSHD SSH,SFTP,SCP- Secured CMD Entry,FTP FTPLOG FTP Server Logon FTPSRV FTP Server-Incoming Rqst Validation FTPCLN FTP Client-Outgoing Rqst Validation TFTP TFTP Server Request Validation REXLOG REXEC Server Logon REXEC REXEC Server Request Validation RMTSQL Original Remote SQL Server SQLENT Database Server - entry SQL Database Server - SQL access & Show A Y DBOPEN Open Database More... F3=Exit F8=Print F12=Cancel |
The body of the screen lists the servers available on the system. For each, the Server field shows a brief name for the server, and the Name/Description field contains a free-form text description.
Servers with text shown in purple are not secured by Firewall.
Servers shown in red are secured but not active. The display shows these additional fields for them:
Opt
To reject all activity via this server, set this field to 2.
To reject all activity, logging the rejected activity and running in FYI mode (as described in Running Firewall in FYI Simulation mode), set this field to 6.
Lvl
The level of security at the server. Possible values include:
- A: Allow
- F: Full
- U: User
Log
Shows Y if the server activity is logged.
FYI
Shows Y if the server is running in FYI mode.
Servers shown in green are secured with active protection from Firewall. The Lvl, Log, and FYI fields are shown as they are for the previous category. The Opt field is not used. In addition, they show these fields:
Count
The number of access requests for the server in the selected time frame.
Last Used
The date and time of the last access request in the selected time frame.