RE: [fw-wiz] (no subject)

From: Joshua M. Jones (jjones_at_isgwichita.com)
Date: 03/23/04

    To: "Melson, Paul" <PMelson@sequoianet.com>, "Hilal Hussein" <hilalma@hotmail.com>, <firewall-wizards@honor.icsalabs.com>
    Date: Tue, 23 Mar 2004 13:05:21 -0600
    
    

    There are great tools out there that can read Pix syslog dumps from Kiwi
    such as Reportgen for Pix firewall and also Sawmill. I have used both of
    the products and will say that they do an excellent job.

     

    -----Original Message-----
    From: Melson, Paul [mailto:PMelson@sequoianet.com]
    Sent: Tuesday, March 23, 2004 8:16 AM
    To: Hilal Hussein; firewall-wizards@honor.icsalabs.com
    Subject: RE: [fw-wiz] (no subject)

    If all you want is a syslog server and the ability to open large log
    files in a Win32 environment, look into Kiwi Syslog Server. There is a
    version that runs as a service, and it has a separate logfile viewer
    that will open large files. Kiwi is easily the most flexible syslog
    server available, and it's dirt cheap. (http://www.kiwisyslog.com/) I
    have deployed it in conjunction with traditional firewall analysis tools
    that have their own syslog server just because Kiwi is that much more
    flexible.

    Beyond that, 400MB is a decent size for a 24hr PIX logfile. You may
    want to consider looking into a firewall analysis tool to help you get a
    better look at what's actually going on. For this, I personally prefer
    (and often recommend to customers) eIQ FirewallAnalyzer or
    FirewallAnalyzer Enterprise. (http://www.eiqnetworks.com)

    PaulM

    ObDisclaimer: The views above are my personal opinion and not
    necessarily those of my employer, my maker, my wife, or anyone else to
    whom I am beholden, blah-blah-blah. My employer is a reseller of eIQ
    products, but I would and do recommend FA/FAE regardless. Don't believe
    me? Don't believe me. Both eIQ products and Kiwi have free trial
    downloads so you can see for yourself.

    -----Original Message-----
    Dear List,

    I have a Cisco PIX firewall that is sending its log data to a Cisco syslog
    server (Windows XP workstation).
    It is working fine with me since it is a service, so I will be sure that it
    is running whenever the server is up and running.

    But I have two questions concerning this syslog:
    1 - The log files are too big since every file contains the whole day's
    logs, and since the file size is about 400 + Mb, I am not able to open it.
    Kindly, is there any third-party utility which I can use to manage (open,
    check, filter, ....) the log files of the Cisco syslog?

    2 - Is there any other syslog server which could work with the Cisco PIX
    firewalls, and which is a service and NOT an application?
    Your fast response is highly appreciated,
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


