Fastvue Reporter can be up and running in as little as five minutes following this simple installation guide.
Download Fastvue Reporter and install on a machine (or virtual machine) that meets our recommended requirements below.
Note: Fastvue Reporter is a resource intensive application by design in order to import data and run reports as fast as possible. We do not recommend installing Fastvue Reporter on a server that provides a critical network service such as a Domain Controller, DNS server, or DFS server. We recommend installing on a dedicated VM (virtual machine) so you can scale the resources appropriately.
To install Fastvue Reporter:
To upgrade an earlier version of Fastvue Reporter, simply run the new installer over the top of your existing installation. The installer will pick up your existing settings, so just click next throughout the wizard without making any changes. Once installed, browse to the site and clear the browser cache by hitting ctrl + F5 (cmd + R on Mac).
Note that it can take a few minutes for data to start importing again after upgrades and restarts of the Fastvue Reporter service. You can check the database initialisation progress in Settings | Diagnostic | Database.
If you need to deploy or upgrade Fastvue Reporter to silently or to multiple servers in an automated way, please see our comprehensive Reporter 4.0 PowerShell script.
To configure your Cisco Firepower devices to send syslog data to the Fastvue server:
Once a syslog server has been configured in Platform Settings, you need to configure your Access Policies to use this syslog server.
To do this:
Each individual Rule within your Access Policy also need to be configured to send syslog traffic to the syslog server.
To do this:
Add your firewall as a Source in Fastvue Reporter. This can be done on the start page that is presented after installation, or by going to Settings | Sources and clicking Add Source.
If your firewall is sending syslog data on port 514, click into the dropdown and wait a few seconds. The dropdown will populate with the name and/or IP of the device(s) sending syslog traffic to the Fastvue Server. Simply select your firewall from the list and click Add Source.
If your firewall is sending syslog data on a different port (not 514), Fastvue Reporter will not automatically display your firewall in the dropdown list. In this case, manually enter your firewall's IP and your selected syslog port into the options provided, then click Add Source.
Note: If entering your firewall and port manually, make sure the IP is the one your Fastvue Server is receiving syslog data from. This could be the IP of the internal LAN interface on your firewall, or if you have intermediate devices routing syslog traffic, it could be the interface IP of the last hop.
If you're unsure, you can a 'dummy' source with an invalid name (such as 'dummy') but specify the custom syslog port your firewall is sending syslog data on. Fastvue Reporter will then start listening on the port specified. You can then click Add Source again, and the dropdown list should populate with any device sending syslog data on your custom syslog port.
It may take 10-20 seconds before the first records are imported. You can watch the records and dates imported in Settings | Sources. Once records start importing, you can go to the Dashboard tab to see your network traffic.
Now you can try out the many features of Fastvue Reporter!