Re: [fw-wiz] PIX Logging Analysis
From: John Adams (email@example.com)
From: John Adams <firstname.lastname@example.org>
To: Paul Stewart <email@example.com>
Date: Wed, 5 Mar 2003 13:50:56 -0800 (PST)
On Tue, 4 Mar 2003, Paul Stewart wrote:
> Hi everyone..
> I'm new to the list and apologize if I'm asking a dumb question..:)
> We are looking at deploying Cisco PIX 501's for some smaller customers
> Hopefully someone will tell me that open source solutions exist for
> Linux.. At least I can hope... At the moment I am syslogging everything
> back via UDP but what exists to analyze this data?
I wrote a log analysis tool awhile back for Pixie that is open source, and
not complete, but it may provide some of the analysis you need.
It uses PHP and MySQL to parse and analyze PIX syslog data, then it
generates reports (like top # of denied hosts, # of denied ports, etc.)
All of the data is hyperlinked so you can browse and traverse the dataset.
It worked well for a small company I was at a year or two ago.
--
J. Adams
http://www.retina.net/~jna
The secret of knowing where you are, is knowing what time it is. -- Anonymous
_______________________________________________
firewall-wizards mailing list
firstname.lastname@example.org
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
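
Added example, not part of the original message and not code from the tool described above: a Python parser for PIX access-list deny messages (syslog ID 106023) that builds the kind of top-denied-hosts and top-denied-ports report the reply mentions. The sample lines, the host name fw1, the ACL name and the function names are constructed for illustration.

```python
import re
from collections import Counter

# Message 106023: packet denied by an access list. ICMP denies carry no ports.
DENY_RE = re.compile(
    r'%PIX-\d-106023: Deny (?P<proto>\S+) '
    r'src (?P<src_if>[^:\s]+):(?P<src_ip>\d+(?:\.\d+){3})(?:/(?P<src_port>\d+))? '
    r'dst (?P<dst_if>[^:\s]+):(?P<dst_ip>\d+(?:\.\d+){3})(?:/(?P<dst_port>\d+))?'
)

# Constructed sample input: five denies, one unrelated message, one truncated line.
SAMPLE = """\
Mar  5 13:01:02 fw1 %PIX-4-106023: Deny tcp src outside:203.0.113.7/4312 dst inside:192.0.2.10/445 by access-group "acl_out"
Mar  5 13:01:03 fw1 %PIX-4-106023: Deny tcp src outside:203.0.113.7/4313 dst inside:192.0.2.10/445 by access-group "acl_out"
Mar  5 13:01:04 fw1 %PIX-4-106023: Deny tcp src outside:203.0.113.7/4314 dst inside:192.0.2.11/135 by access-group "acl_out"
Mar  5 13:01:09 fw1 %PIX-4-106023: Deny udp src outside:198.51.100.23/1025 dst inside:192.0.2.10/1434 by access-group "acl_out"
Mar  5 13:01:15 fw1 %PIX-4-106023: Deny icmp src outside:198.51.100.23 dst inside:192.0.2.10 (type 8, code 0) by access-group "acl_out"
Mar  5 13:02:00 fw1 %PIX-6-302013: Built inbound TCP connection 1001 for outside:203.0.113.50/3321 (203.0.113.50/3321) to inside:192.0.2.10/80 (192.0.2.10/80)
Mar  5 13:02:11 fw1 %PIX-4-106023: Deny tcp src outside:203.0.113.9/40
"""

def parse_deny(line):
    """Return the fields of a 106023 deny line as a dict, or None if it is not one."""
    m = DENY_RE.search(line)
    return m.groupdict() if m else None

def report(lines, top=3):
    """Count denied source hosts and denied (protocol, destination port) pairs."""
    hosts, ports, skipped = Counter(), Counter(), 0
    for line in lines:
        rec = parse_deny(line)
        if rec is None:
            skipped += 1          # other message IDs and truncated lines
            continue
        hosts[rec["src_ip"]] += 1
        if rec["dst_port"] is not None:   # ICMP has no destination port
            ports[(rec["proto"], int(rec["dst_port"]))] += 1
    return {"hosts": hosts.most_common(top),
            "ports": ports.most_common(top),
            "skipped": skipped}

if __name__ == "__main__":
    result = report(SAMPLE.splitlines())
    for ip, n in result["hosts"]:
        print(f"{n:4d} denies from {ip}")
    for (proto, port), n in result["ports"]:
        print(f"{n:4d} denies to {proto}/{port}")
    print(f"{result['skipped']} lines skipped")
```
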