Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
294
Views
4
Helpful
2
Replies

CS-Mars to analyze log

mylove142
Level 1
Level 1

‎07-22-2007 11:16 PM - edited ‎03-09-2019 06:26 PM

My network has Forescout, Checkpoint Provider-1, FWSM, IDSM-2. Now, I want to use CS-Mars to anylyze log for all devices. CS-Mars can do or not ? Please answer me.

I want to use 1 device to analyze log of all devices in my network.

Thank you for your answer.

Labels:
0 Helpful
2 Replies 2

mogli
Level 1
Level 1

‎07-23-2007 02:01 AM

hi,

you can integrate FWSM, IDSM-2 and Check-Point into the MARS by using description in the manual. i did this many times for these devices and it works fine.

i've never heared about forescout. is it possible to make forescout send syslogs (or snmp-traps) after the occurance of an event?

if yes, there would be the possibility to use custom parsers to get the box supported from the mars (at least some basic functions).

i can't appreciate how much effort it takes to create custom parsers for the forescout solution. the effort depends on how many different "messages" (syslogs or traps) the forescout sends to the MARS (you have to create a parser for each message itself).

kind regards,

mylove142
Level 1
Level 1
In response to mogli

‎07-24-2007 06:57 PM

Thank you for your answer. If you know about the other programs to analyze log, you can talk to me. I search a tool to analyze log in my company.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents