RE: [fw-wiz] (no subject)

From: Dean Davis (Dean.Davis_at_mbg-inc.com)
Date: 03/23/04

    To: 'Hilal Hussein' <hilalma@hotmail.com>, firewall-wizards@honor.icsalabs.com
    Date: Tue, 23 Mar 2004 09:19:16 -0500
    
    

    Hilal:

    Consider using Linux, or some Unix variant (FreeBSD, etc.) for Syslog.

    Windows is an inferior and bulky platform for this sort of stuff. Syslog is
    enabled by default in Linux/Unix, and you can parse and store the data to
    your heart's content using Perl/Awk/etc. Besides, you'll learn more.

     
    Thanks,

    Dean Davis, MCSE,MCDBA,CCNA,CNA,N+,Linux+
    Chief Instructor
    LinuxGenius, LLC.
    P. 203.543.8979
    F. 203.286.1983
    http://www.linuxcbt.net

    -----Original Message-----
    From: firewall-wizards-admin@honor.icsalabs.com
    [mailto:firewall-wizards-admin@honor.icsalabs.com] On Behalf Of Hilal
    Hussein
    Sent: Tuesday, March 23, 2004 3:42 AM
    To: firewall-wizards@honor.icsalabs.com
    Subject: [fw-wiz] (no subject)

    Dear List,

    I have a Cisco PIX firewall that is sending its log data to a Cisco syslog
    server (Windows XP workstation).
    It is working fine for me since it is a service, so I will be sure that it
    is running whenever the server is up and running.

    But I have two questions concerning this syslog:
    1 - The log files are too big since every file contains the whole day's logs,
    and since the file size is about 400+ Mb, I am not able to open it. Kindly,
    is there any third-party utility which I can use to manage (open, check,
    filter, ...) the log files of the Cisco syslog?

    2 - Is there any other syslog server which could work with the Cisco PIX
    firewalls, and which is a service and NOT an application?

    Your fast response is highly appreciated,

    With regards,
    Hilal


    _______________________________________________
    firewall-wizards mailing list firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
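
The approach the reply points to (streaming a day's PIX log through Awk on a Unix host rather than opening the whole file), as an added example that is not part of the original thread. It assumes one message per line carrying the standard `%PIX-<severity>-<id>:` tag; the function names and sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: filter and summarise a large PIX syslog file line by line,
# so memory use stays constant regardless of file size.
# Assumption: each line contains a "%PIX-<severity>-<id>:" tag.

# pix_filter ID [FILE...]: print only lines carrying message ID (e.g. 106023).
pix_filter() {
    id=$1; shift
    awk -v id="$id" '
        match($0, /%PIX-[0-7]-[0-9]+:/) {
            tag = substr($0, RSTART, RLENGTH)        # e.g. "%PIX-4-106023:"
            sub(/^%PIX-[0-7]-/, "", tag); sub(/:$/, "", tag)
            if (tag == id) print
        }' "$@"
}

# pix_top_denied N [FILE...]: top N source addresses in 106023 (ACL deny) lines.
pix_top_denied() {
    n=$1; shift
    pix_filter 106023 "$@" | awk '
        {
            for (i = 1; i < NF; i++)
                if ($i == "src") {                   # next field: ifname:addr/port
                    split($(i + 1), a, "[:/]")
                    count[a[2]]++
                    break
                }
        }
        END { for (ip in count) print count[ip], ip }' |
        sort -k1,1nr -k2,2 | head -n "$n"
}

# Constructed sample lines (documentation addresses) standing in for the real file.
pix_sample() {
cat <<'EOF'
Mar 23 03:40:01 192.0.2.1 %PIX-4-106023: Deny tcp src outside:198.51.100.7/4312 dst inside:10.1.1.5/80 by access-group "acl_out"
Mar 23 03:40:02 192.0.2.1 %PIX-6-302013: Built inbound TCP connection 5521 for outside:203.0.113.9/1044 (203.0.113.9/1044) to inside:10.1.1.5/25 (10.1.1.5/25)
Mar 23 03:40:05 192.0.2.1 %PIX-4-106023: Deny udp src outside:198.51.100.7/4313 dst inside:10.1.1.5/53 by access-group "acl_out"
Mar 23 03:40:09 192.0.2.1 %PIX-4-106023: Deny tcp src outside:203.0.113.20/2201 dst inside:10.1.1.6/23 by access-group "acl_out"
Mar 23 03:41:00 192.0.2.1 %PIX-6-106015: Deny TCP (no connection) from 198.51.100.7/4400 to 10.1.1.5/80 flags RST on interface outside
EOF
}

# Stand-alone run: summarise the sample; pass a real log path as the last argument instead.
pix_sample | pix_top_denied 5
```

Both functions read standard input when no file is given, so they also work at the end of a pipeline such as a decompression step over rotated logs.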

