Table of Contents:
The Analyzer Tool collects information about the Network Protections usage (IPS / Application Control). The PM statistics information indicates which patterns out of all network protections were called into action (but not necessarily matched) and how many times.
The Analyzer Tool processes the statistic outputs and produces a clear HTML report based on that output. The report indicates which protections are causing critical, high or medium load on CPU and provides information regarding the load on Security Gateway per traffic type.
The Analyzer Tool is supported on R77 and above.
Please note that prior to version R81, only IPS protections are shown.
Starting with version R81, Application Control rules are also be shown.
Collect the relevant PM statistics per sk43733 - How to measure CPU time consumed by IPS protections - section "(1) IPS statistics" - sub-section "Show / Hide the procedure for versions R77 and above".
Compress the PM statistics output folder on Security Gateway:
[Expert@HostName:0]# cd /path_to_PM_statistics_output_folder/
[Expert@HostName:0]# tar cvf IPS_Statistics.tar <HH-MM-SS__MM-DD-YYYY>
Transfer the compressed PM statistics output folder (IPS_Statistics.tar) from Security Gateway to your computer and unpack it.
Run the Analyzer Tool on the unpacked PM statistics output folder:
Open Windows Command Prompt and run the following command from the folder into which you've copied Analyzer.exe
C:\> Analyzer.exe OFFLINE "DISK:\path_to_unpacked_statistics_output_folder"
Review the output files:
The Analyzer tool can be downloaded from the relevant CheckMates post here
This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.