
New Member

Log Analysis for ASA & AIP-SSM

What is the best tool to gather syslogs from multiple Cisco ASAs & Cisco IPS?

Preferably I would like to use a single machine to get logs from 4 firewalls, 2 IPSs and multiple Web/DB servers running Apache & MySQL.

What solution would you recommend for log archival, log analysis and report generation for this many logs?

Thanks

D.

2 REPLIES
Anonymous
N/A

Re: Log Analysis for ASA & AIP-SSM

PIX 7.0 has introduced very granular filtering techniques to allow only certain specified syslog messages to be presented. The Basic Syslog section of this document demonstrates a traditional syslog configuration. The Advanced Syslog section of this document shows the new syslog features in 7.0.

https://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00805a2e04.shtml

Silver

Re: Log Analysis for ASA & AIP-SSM

"Preferably I would like to use a single machine to get logs from 4 firewalls, 2 IPSs and multiple Web/DB servers running Apache & MySQL.

What solution would you recommend for log archival, log analysis and report generation for this many logs?"

Syslog-ng and Simple Event Correlation (SEC). Both of these are freeware.
