RE: [fw-wiz] (no subject)

• Previous message: Holger Kipp: "Re: [fw-wiz] outbound traffic security risk"
• Maybe in reply to: Hilal Hussein: "[fw-wiz] (no subject)"
• Next in thread: Devdas Bhagat: "Re: [fw-wiz] (no subject)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "Hilal Hussein" <hilalma@hotmail.com>, <firewall-wizards@honor.icsalabs.com>
Date: Tue, 23 Mar 2004 09:15:38 -0500

If all you want is a syslog server and and the ability to open large log
files in a Win32 environment, look into Kiwi Syslog Server. There is a
version that runs as a service, and it has a seperate logfile viewer
that will open large files. Kiwi is easily the most flexible syslog
server available, and it's dirt cheap. (http://www.kiwisyslog.com/) I
have deployed it in conjunction with traditional firewall analysis tools
that have their own syslog server just because Kiwi is that much more
flexible.

Beyond that, 400MB is a decent size for a 24hr PIX logfile. You may
want to consider looking into a firewall analysis tool to help you get a
better look at what's actually going on. For this, I personally prefer
(and often recommend to customers) eIQ FirewallAnalyzer or
FirewallAnalyzer Enterprise. (http://www.eiqnetworks.com)

PaulM

ObDisclaimer: The views above are my personal opinion and not
necessarily those of my employer, my maker, my wife, or anyone else to
whom I am beholden, blah-blah-blah. My employer is a reseller of eIQ
products, but I would and do recommend FA/FAE regardless. Don't believe
me? Don't believe me. Both eIQ products and Kiwi have free trial
downloads so you can see for yourself.

-----Original Message-----
Dear List,

i have cisco pix firewall that is sending it log data to a cisco syslog
server (windowsxp workstation).
it is working fine with me since it is a service, so i willl be sure
that it
is running whenever the server is up and running.

But i have two questions concerning this syslog:
1 - the log files are too big since everyfile contains the whole day
logs,
and since the file size is about 400 + Mb, i am not able to open it.
kindly,
is there any third party utility which i can use to manage (open, check,

filter, ....) the log files of the cisco syslog?

2 - is there any other syslog server which could work with the cisco pix

firewalls, and which is a service and NOT an application?
your fast respond is highly appreciated,
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

• Previous message: Holger Kipp: "Re: [fw-wiz] outbound traffic security risk"
• Maybe in reply to: Hilal Hussein: "[fw-wiz] (no subject)"
• Next in thread: Devdas Bhagat: "Re: [fw-wiz] (no subject)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]