cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
327
Views
5
Helpful
2
Replies

PIX syslog

KlediBodinaku24
Level 1
Level 1

HI there

I have a Cisco PIX 515E. I am able to retrieve the sys log from an AIX server, and i can break them in files by severity or by error code. Anyway it is still a lot of work to read all of these logs.

My question is simple. Is there any Cisco Software or any recommended software that will simplify the job of reading the logs?

Regards

2 Replies 2

suschoud
Cisco Employee
Cisco Employee

Syslog server could be:

- Kiwi Syslog:

http://www.kiwisyslog.com/

- 30COM Deamon

http://www.ncat.co.uk/Download/

- There is also a Cisco Syslog Server which supports TCP Syslog 514 - pfss512.exe

http://www.cisco.com/cgi-bin/tablebuild.pl/pix?sort=release

Commercial products that creates graphs and analyzes Syslog to generate stats could be:

- FireGen http://www.eventid.net/firegen/

- Try this one FWLOGSUM (Freeware).

http://www.ginini.com/software/fwlogsum/

http://www.ginini.com/software/fwlogsum/converters/

It uses basicly PERL scripts and supports a wide range of Firewalls. You just need to install Perl in your Windows environment.

- Try Sawmill (Eval version)

http://www.sawmill.net/

- EIQ Networks Network Security Analyzer eiqnetworks.com

Hope that gives you some ideas what to try.

Regards,

Sushil

pplsi
Level 1
Level 1

If you are looking for a syslog solution there are a number of good syslog devices.

Log Logic is really nice and is an appliance and you can also get a 2T storage with it.

However, if you want to just have something correlate the logs for you and see the events that are possible issues. Check out CS-MARS.

It is actually better to use both solutions though. Store your logs on a syslog server and have CS-MARS correlate the events and show you what are possible threats.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: