Cisco Support Community
Community Member

PIX syslog

Hi there

I have a Cisco PIX 515E. I am able to retrieve the syslog from an AIX server, and I can break them into files by severity or by error code. Anyway, it is still a lot of work to read all of these logs.

My question is simple. Is there any Cisco Software or any recommended software that will simplify the job of reading the logs?

Regards

2 REPLIES
Cisco Employee

Re: PIX syslog

Syslog server could be:

- Kiwi Syslog:

http://www.kiwisyslog.com/

- 3COM Daemon

http://www.ncat.co.uk/Download/

- There is also a Cisco Syslog Server which supports TCP Syslog 514 - pfss512.exe

http://www.cisco.com/cgi-bin/tablebuild.pl/pix?sort=release

Commercial products that create graphs and analyze Syslog to generate stats could be:

- FireGen http://www.eventid.net/firegen/

- Try this one FWLOGSUM (Freeware).

http://www.ginini.com/software/fwlogsum/

http://www.ginini.com/software/fwlogsum/converters/

It basically uses Perl scripts and supports a wide range of firewalls. You just need to install Perl in your Windows environment.

- Try Sawmill (Eval version)

http://www.sawmill.net/

- EIQ Networks Network Security Analyzer eiqnetworks.com

Hope that gives you some ideas what to try.

Regards,

Sushil

Community Member

Re: PIX syslog

If you are looking for a syslog solution, there are a number of good syslog devices.

Log Logic is really nice and is an appliance, and you can also get a 2T storage with it.

However, if you just want to have something correlate the logs for you and see the events that are possible issues, check out CS-MARS.

It is actually better to use both solutions though. Store your logs on a syslog server and have CS-MARS correlate the events and show you what are possible threats.
