Re: [fw-wiz] Centralizing logs

From: Rudy_D_Pereda@mail.dbf.state.fl.us
To: m p <sumirati@yahoo.de>, firewall-wizards@nfr.com, firewall-wizards-admin@honor.icsalabs.com, Rudy_D_Pereda@mail.dbf.state.fl.us
Date: Thu Sep 12 15:39:01 2002

MP,
Couldn't be that lucky, we still run IIS(4). On the NT side, have you used
any software to redirect NT event logs to a syslog server?

And thanks for your 2 cents. Much appreciated.

rdp

From: m p <sumirati@yahoo.de>
Date: 09/12/2002 03:20 PM
To: Rudy_D_Pereda@mail.dbf.state.fl.us, firewall-wizards@nfr.com, firewall-wizards-admin@honor.icsalabs.com
Subject: Re: [fw-wiz] Centralizing logs

--- Rudy_D_Pereda@mail.dbf.state.fl.us wrote:
> I would like to centralize my logs to one server. The OS that I would be
> using would be FreeBSD 4.6. My environment consists of cisco
> routers/firewalls, freebsd running ipfilter and web servers running on NT.
> I have two questions: 1) What syslog do you recommend?, 2) what software do
> you recommend to check logs?
>
> Any info will be much appreciated,
>
> thanks to all in advance,
>
> rdp

As for the ciscos: They report all things via syslog.
As for ipfilter on FreeBSD: Via ipmon you can utilize syslog.
As for the web servers: Which one are you running? Apache can be talked
into logging via syslog. I checked for IIS 4 (we are still running some of
them here *sigh*) - it can of course not log to anything else than to a file.
Perhaps IIS 5 can do it - or you are not running IIS at all (if you are lucky).

For the questions:
1) I'm not a code monkey anymore. That was some years back in time ;). But
the functionality and handling of syslog-ng is ok for me. The quality of the
code is better approved by someone else.
2) Analog is quite handy. Originally it is a web server log analyser. Some
people wrote scripts so that you can analyse your ipf/BIND/sendmail/qmail/postfix
logs as if they were web logs. Or you write your own script to convert your logs
to what you want. Or use Perl and time to create a log tool to match _your_
requirements. The requirements may differ extremely.

Just my 2 cents.

Marc

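What a syslog-ng collector for the setup discussed in this thread (Cisco devices, ipmon on the FreeBSD box, NT hosts forwarding event logs) could look like, as an added example that is not part of either post and is written in current syslog-ng 3.x syntax rather than the 1.x syntax of 2002. The collector address 192.0.2.10, the management subnet 192.0.2.0/24, the NT host naming pattern and the log paths are assumptions.

```conf
# Added example, not from the thread. Assumed addresses, host names and paths.
@version: 3.8

options { keep_hostname(yes); use_dns(no); create_dirs(yes); };

# Local FreeBSD messages, including what "ipmon -s" hands to syslog.
source s_local { system(); internal(); };

# Remote senders (Cisco devices, NT event-log forwarders) on UDP/514,
# bound to the management interface only. UDP syslog carries no
# authentication, so trust the sending subnet, not the message contents.
source s_net { network(ip("192.0.2.10") transport("udp") port(514)); };

# Cisco IOS logs to facility local7 by default; ipmon -s uses local0 by default.
filter f_cisco { facility(local7) and netmask("192.0.2.0/24"); };
filter f_ipf   { program("ipmon") or facility(local0); };
filter f_nt    { host("^nt-web[0-9]+") and netmask("192.0.2.0/24"); };

# One file per sending host per class, readable only by the log group.
destination d_cisco { file("/var/log/remote/cisco/${HOST}.log" perm(0640)); };
destination d_ipf   { file("/var/log/remote/ipfilter/${HOST}.log" perm(0640)); };
destination d_nt    { file("/var/log/remote/nt/${HOST}.log" perm(0640)); };
# Everything, by day, so nothing unmatched is silently dropped.
destination d_all   { file("/var/log/remote/all/${YEAR}${MONTH}${DAY}.log" perm(0640)); };

log { source(s_net);   filter(f_cisco); destination(d_cisco); };
log { source(s_local); filter(f_ipf);   destination(d_ipf); };
log { source(s_net);   filter(f_nt);    destination(d_nt); };
log { source(s_local); source(s_net);   destination(d_all); };
```

Per-host files make the Analog-style scripts mentioned above easy to point at one device class at a time, while the catch-all file shows which senders the filters missed.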


