Network Data Logging
LANScan Network Monitor supports logging of network data via Comma Separated Files(CSV files). Most any Windows application can read CSV files. By enabling Data Logging in LANScan you can obtain a permanent record of network activity easily reviewed in most any Windows application.
What is Logged?
LANScan logs all Events, network bandwidth utilization, protocol traffic levels and traffic by transmitting host. Basically, it’s the data you see on a Network Object, plus the Event History.
The data is logged in multiple files. A single Event log is created, while 3 files per Network object are created.
How Do You Enable Logging?
Enabling data logging is a three step process:
1> Enable Logging and set the logging frequency in the LANScan Settings dialog.
2> Enable logging in the configuration dialog of all Network objects for which you wish to log data.
3> Restart LANScan.
Enable Logging
From the Main Menu, select ‘Configuration’ then ‘System Settings’. Display the Log Sheet, by clicking on ‘Log’ on the bottom of the Dialog.
Click on the ‘Enable CSV Logging’ check box.
Select the frequency using the pull down list box. Logging frequency can be no faster than 5 minutes. Several choices are available, but the frequency is restricted to the choices shown in the list.
Click on ‘OK’ to save the changes.
Enable Logging for a Network Object
Display the Network Configuration dialog
Click on the ‘Enable Logging’ check box.
Save the configuration changes by clicking on ‘OK’.
Restart
Exit LANScan and restart.
Where is the Data Stored?
LANScan will automatically create a new folder in the same directory as your configuration database. The directory will be named <database>_log, where <database> is the name of your active configuration database.
In the folder, LANScan will create one or more files, depending on the logging selected.
LANScan will always create an Event File, named Event_<year>_<month>_<day>.txt, where
<year> is the current year(4 digits),
<month> is the current month(01 – 12),
and <day> is the current day of the month.
For each network object enabled for logging, LANScan will create three additional files:
NetSum_<NetworkName>_<year>_<month>_<day>.txt, where
<NetworkName> is the Network Object Name
<year> is the current year(4 digits),
<month> is the current month(01 – 12),
and <day> is the current day of the month.
NetProt_<NetworkName>_<year>_<month>_<day>.txt, where
<NetworkName> is the Network Object Name
<year> is the current year(4 digits),
<month> is the current month(01 – 12),
and <day> is the current day of the month.
NetConv_<NetworkName>_<year>_<month>_<day>.txt, where
<NetworkName> is the Network Object Name
<year> is the current year(4 digits),
<month> is the current month(01 – 12),
and <day> is the current day of the month.
If a file for the current day already exists in the folder, LANScan will append new data to the contents – otherwise the file will be created.
Log File Contents
All files are comma separated variable files. The first line in the file contains the field names.
Event File
Example:
Date-Time,Object,Event,Message
Jan-21-2000,12:01,"System","Monitor
started","Active",""
Jan-21-2000,12:01,"System","New IP device 192.168.100.25","Active","192.168.100.25"
Fields in the Event Log:
Date-Time – Time Event occurred
Object – System event, Network Event or Device Event
Event – Text description of the type of Event
Message – Further event details. For user configured Device and Network Events, this will contain the user message.
Network Summary(NetSum) File
There will be one record for each sample period added to this file
Example:
Date,Time,Bytes,Packets,%
Bandwidth
Jan-21-2000,12:05,0,0,0
Jan-21-2000,12:10,43436,499,0
Fields in the Network Summary file:
Date – Month-Day-Year sample was recorded
Time – Time sample was recorded
Bytes – Number of Bytes transmitted on the network during the last sample period.
Packets – Number of Packets transmitted during the last sample period.
% Bandwidth – Percentage of bandwidth used during last sample period
Network Conversation(NetConv) File
There will be one record for each network device that was active during the sample period added to this file – Note you will typically get several records for each sample period.
Example
Date,Time,Host MAC,Host IP,Host
IPX,Host DNS,Host LANScan,Bytes,Packets,% Bandwidth
Jan-21-2000,12:10,00:a0:cc:20:85:43,192.168.100.11,,LUBINSKY,9986,100,0
Jan-21-2000,12:10,00:40:05:e4:e4:23,192.168.100.25,,PAVILION6465,12675,170,0
Jan-21-2000,12:10,00:20:40:40:f3:fe,205.178.182.107,,205.178.182.107,8335,110,0
Fields in the Network Conversation file:
Date – Month-Day-Year sample was recorded
Time – Time sample was recorded
Host MAC – MAC address of the host device
Host IP – IP address of the host device
Host IPX – IPX Address of the host device
Host DNS – Domain name of the host device
Host LANScan – LANScan device object name of the host device
Bytes – Number of Bytes transmitted on the network during the last sample period.
Packets – Number of Packets transmitted during the last sample period.
% Bandwidth – Percentage of total network bandwidth used by this host device during last sample period
Network Protocol(NetProt) File
There will be one record for each network protocol that was active during the sample period added to this file – Note you will typically get several records for each sample period.
Example
Date,Time,Protocol,Bytes,Packets
Jan-21-2000,12:10,DNS (Domain
Name Service),4909,34,0.00
Jan-21-2000,12:10,HTTP (HyperText
Transfer Protocol),1234,4,0.00
Jan-21-2000,12:10,POP3 (Post Office Protocol v3),23415,331,0.00
Fields in the Network Conversation file:
Date – Month-Day-Year sample was recorded
Time – Time sample was recorded
Protocol – Name of Protocol
Bytes – Number of Bytes transmitted on the network during the last sample period.
Packets – Number of Packets transmitted during the last sample period.
Accessing Log Files
LANScan closes the log files when it is not posting data. You can open the files with any text editor to see the current data. Any of the files can also be imported in Windows applications like Microsoft Access, Microsoft Word and others.