CS-Mars to analyze log

Unanswered Question
Jul 22nd, 2007

My network has Forescout, Checkpoint Provider-1, FWSM, IDSM-2. Now, I want to use CS-Mars to analyze logs for all devices. Can CS-Mars do this or not? Please answer me.

I want to use 1 device to analyze the logs of all devices in my network.

Thank you for your answer.

mogli Mon, 07/23/2007 - 02:01

Hi,

You can integrate FWSM, IDSM-2 and Check-Point into the MARS by using the description in the manual. I did this many times for these devices and it works fine.

I've never heard about Forescout. Is it possible to make Forescout send syslogs (or SNMP traps) after the occurrence of an event?

If yes, there would be the possibility to use custom parsers to get the box supported by the MARS (at least some basic functions).

I can't appreciate how much effort it takes to create custom parsers for the Forescout solution. The effort depends on how many different "messages" (syslogs or traps) the Forescout sends to the MARS (you have to create a parser for each message itself).

Kind regards,

mylove142 Tue, 07/24/2007 - 18:57

Thank you for your answer. If you know about other programs to analyze logs, you can tell me. I am searching for a tool to analyze logs in my company.
