Reporting (OT?)

Unanswered Question

My apologies if this is off-topic for this forum. Our f/w is a 515e and it logs to a syslog server. My question for the group is do you know or use any kind of web reporting software?

We had an issue just recently where a laptop was severely infected with malware. The director wanted to know where the user had been as the history had been erased. I can use the logs produced by the Pix but as you know they can be a pain to compile into a report for a non-techie.

Thanks.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Farrukh Haroon Thu, 08/14/2008 - 11:38

Do you want a syslog analysis tool for the PIX or for your AAA Server? If PIX (please see below) and if AAA/ACS have a look at 'extraxi'. They are a Cisco partner and they do a great job with ACS reporting.

This is from an older post:

Have you looked at Cisco MARS? (Its actaully a SEM)

http://www.cisco.com/en/US/products/ps6241/products_data_sheets_list.html

http://www.sawmill.net/features.html

(Found it to be pretty nice)

If you want a real-time (bandwith monitoring tool, fireplotter is pretty cool:

www.fireplotter.com

Alternates:

http://manageengine.adventnet.com/products/firewall/

(never tried it tough)

http://www.eventid.net/firegen/firegenpix2.asp

(had serious performance issues)

Some more:

http://www.windowsecurity.com/software/Firewall-security-log-analyzers/

Please rate if helpful

Regards

Farrukh

Actions

This Discussion