RE: [fw-wiz] (no subject)

From: Melson, Paul (PMelson_at_sequoianet.com)
Date: 03/23/04

  • Next message: Don Kendrick: "Re: [fw-wiz] outbound traffic security risk"
    To: "Hilal Hussein" <hilalma@hotmail.com>, <firewall-wizards@honor.icsalabs.com>
    Date: Tue, 23 Mar 2004 09:15:38 -0500
    
    

    If all you want is a syslog server and and the ability to open large log
    files in a Win32 environment, look into Kiwi Syslog Server. There is a
    version that runs as a service, and it has a seperate logfile viewer
    that will open large files. Kiwi is easily the most flexible syslog
    server available, and it's dirt cheap. (http://www.kiwisyslog.com/) I
    have deployed it in conjunction with traditional firewall analysis tools
    that have their own syslog server just because Kiwi is that much more
    flexible.

    Beyond that, 400MB is a decent size for a 24hr PIX logfile. You may
    want to consider looking into a firewall analysis tool to help you get a
    better look at what's actually going on. For this, I personally prefer
    (and often recommend to customers) eIQ FirewallAnalyzer or
    FirewallAnalyzer Enterprise. (http://www.eiqnetworks.com)

    PaulM

    ObDisclaimer: The views above are my personal opinion and not
    necessarily those of my employer, my maker, my wife, or anyone else to
    whom I am beholden, blah-blah-blah. My employer is a reseller of eIQ
    products, but I would and do recommend FA/FAE regardless. Don't believe
    me? Don't believe me. Both eIQ products and Kiwi have free trial
    downloads so you can see for yourself.

    -----Original Message-----
    Dear List,

    i have cisco pix firewall that is sending it log data to a cisco syslog
    server (windowsxp workstation).
    it is working fine with me since it is a service, so i willl be sure
    that it
    is running whenever the server is up and running.

    But i have two questions concerning this syslog:
    1 - the log files are too big since everyfile contains the whole day
    logs,
    and since the file size is about 400 + Mb, i am not able to open it.
    kindly,
    is there any third party utility which i can use to manage (open, check,

    filter, ....) the log files of the cisco syslog?

    2 - is there any other syslog server which could work with the cisco pix

    firewalls, and which is a service and NOT an application?
    your fast respond is highly appreciated,
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


  • Next message: Don Kendrick: "Re: [fw-wiz] outbound traffic security risk"