The Praetor package includes a Microsoft Access database application called the Praetor Log Analyzer. This prLog.MDB file is located in the main Praetor subdirectory, C:\Program Files\CMS Praetor G2 if Praetor was installed on local drive C. You may copy this file to any machine that has Microsoft Access already installed and can access the SQL Server machine where the Praetor log database is found (the Praetor machine in most cases).
This application has several useful reports that were developed to summarize and provide statistics of the email traffic that flowed through Praetor:
Overall traffic summary
How many messages were rejected, quarantined, accepted, re-directed, or returned to the sender.
Sender domain report for email received from the Internet.
Destination domain report for email sent to the Internet.
Recipient address report for email delivered locally.
Destination address report for email delivered to the Internet.
Rule report for showing which messages were filtered or accepted.
IP addresses of the most frequent sources of reverse NDR attacks.
And many more as you will see in this section. Each report may be sorted alphabetically or by frequency.
After the proper data source has been specified, the main screen for this Log Analyzer application will appear.
Main switchboard menu
Proceed to the Configuration page, which will show you how to initially set up the analyzer program with your SQL database server and local domain names. The main sections accessible through the main switchboard menu that you see above are:
Events to see what actions were taken on various messages and which rules caught them.
Reports to see a summary of various message details such as domain names and recipient addresses.
Special reports, such as the traffic summary and IP-centric reports like those for the Reverse NDR.
Configuration of your SQL Server data source and defining the local domains.
Note:
Unlike the previous Praetor v1.5, there is no need to import the log data because all the entries are now found in a SQL Server database. You also no longer need to define your local domain names, which were previously used to determine message direction; this information is already in the SQL database.