Yes.
http://people.ee.ethz.ch/~oetiker/webtools/mrtg/
-----Original Message-----
From: Fei Yang [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, April 09, 2002 10:28 AM
To: [EMAIL PROTECTED]
Subject: RE: PIX 515
I'm interesting in that MRTG application. Can I download it from the Internet?
Thanks.
-----Original Message-----
From: Daniel Crichton [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, April 09, 2002 11:15 AM
To: Matthew Carpenter
Cc: [EMAIL PROTECTED]
Subject: Re: PIX 515
On 9 Apr 2002 at 9:55, Matthew Carpenter wrote:
> We JUST put this sucker in, and I am interested in what types of
> monitoring logs it offers. Can I access them aside from the console? Or is
> it very similar to router maintenance? TIA
Get yourself a syslog server set up, it's almost impossible to do anything
easily with the console. If you're using Windows for admin then get Kiwi
Syslog, it's great.
Once you've got the logs you'll need something to parse them, and that's
when it becomes interesting. I've tried all sorts of reporting and never
really found one I've liked, nearest was WebTrends Firewall Suite.
You'll need to play around with the syslog options to get the data you
need though - you can log everything from critical events (shutdown of
PIX) all the way to "debug" level (eg. URLs being accessed, names of files
transferred over FTP), but on a busy network the full logging can take up
a lot of space. Set the level you need on the PIX itself to reduce
traffic, but also look at setting options on the syslog server to filter
specific messages (eg. I have Kiwi logging all denied connections to a
second log file so I can parse that instead of the full one when looking
for simple intrusion attempts and port scans).
You can also use SNMP to get other monitoring information - I use MRTG on
my PIX515 to get the number of concurrent connections and the incoming and
outgoing bandwidth usage to watch for potential bottlenecks.
The PIX itself has some data that I don't think you get any other way
except via the console - for instance you can use "show conn" to output
the current list of active connections through the PIX. I might be tempted
to build a quick little VB app to allow me to get this data whenever I
need at the click of a button by passing the console commands instead of
me typing them, and produce reports just for quick snapshots, unless
someone out there knows of an easier way to get at this.
Dan
---
D.C. Crichton email: [EMAIL PROTECTED]
Senior Systems Analyst tel: +44 (0)121 706 6000
Computer Manuals Ltd. fax: +44 (0)121 606 0477
Computer book info on the web:
http://computer-manuals.co.uk/
Want to earn money? Join our affiliate network!
http://computer-manuals.co.uk/affiliate/
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
