trying to see if i can use IEM to track web history.
Not easily. What is your use case?
If you’re licensed for IBM Endpoint Manager for Core Protection the Core Protection agent does HTTP Reputation scanning and can report back the list of visited sites on an endpoint.
If you’re not licensed for Core Protection you’re going to have to come up with something yourself.
I’d recommend using something like http://www.nirsoft.net/utils/browsing_history_view.html
The tool has a command line available and you could create a fixlet/task to dump the web history every couple of hours/days and then you can use an analysis to pull/parse the data.
1 Like
i see that in my core protection. right now it is disabled. would i have any issues activating. what i have been task to do is seeing who has accessed a specific website within the past 24-48 hours.
If the functionality was enabled and the analysis was disabled then you should get results if you just enable the analysis. If the functionality was disabled then enabling it will only provide history from the point in time you enable it and forward.
Your network firewall logs might be a better place to look for this information but that’s not always possible.
You might be stuck going with using something like what I linked before to scrap all the user profiles for web history information. Though that won’t show anything the user did in, 'Incognito" or private browsing modes.
once enable is there a setup we need to do. right now nothing appears.