Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Bronze

Advice on a good logfile analyzer for ASA & FWSM (ACS)?

Hey All,

i am in need of working logfile analyzer for ASA and/or FWSM series log messages. I would prefer a linux based open source tool with the capabilities to highlight false logins and pipe the output into some kind of mail alert component. A huge plus would be the ability to parse Secure ACS output as well.

Thanks for reading

Roble

5 REPLIES
Cisco Employee

Re: Advice on a good logfile analyzer for ASA & FWSM (ACS)?

Bronze

Re: Advice on a good logfile analyzer for ASA & FWSM (ACS)?

Hey KS,

thanks for the quick answer. rsyslog looks like another logdeamon and my configuration with syslog-ng works out fine so far.

Maybe i overlooked something in the rsyslog docs but i need a log parser not a log deamon.

Roble

Cisco Employee

Re: Advice on a good logfile analyzer for ASA & FWSM (ACS)?

Sorry my bad. check this out: http://www.loganalysis.org/

We just use cat, grep, sed, awk and uniq to parse through syslogs.

-KS

Cisco Employee

Re: Advice on a good logfile analyzer for ASA & FWSM (ACS)?

Cisco MARS can also do it and run reports for you.

PK

Bronze

Re: Advice on a good logfile analyzer for ASA & FWSM (ACS)?

Hey PK,

i would like a MARS but unfortunately this solution is a bit oversized for the current demand. I actually found something which works pretty well allthough its a retail product.

http://www.manageengine.com/products/firewall/

Roble

2896
Views
0
Helpful
5
Replies