Hi All,
Back to my favourite subject ! I am now trying to consolidate all my
firewall (PIX & FW-1) logs to Ciscoworks.
(Ciscoworks has now replaced the KIWI syslog daemon which worked ok !)
Cisco stuff is easy as Cisco boxes have a syslog client and redirect the
log data via port 514 allow we can , but the dear old FW-1 is a problem as
I have an NT management station and no "syslog" client.
So, I use "fw logexport" to get a text based copy of the logs (formatted
for clarity), and ftp the text to a Unix box.
Using a script , syslog.conf, and "logger" there, I can get the data into
the Ciscoworks syslog file ("syslog_info") but it doesn't have the right
origin address, facility code, or severity level for Ciscoworks to pick it
up.
Does anyone else do this ? (send FW-1 logs to Ciscoworks that is)
If so use , any ideas how I get around the message identity problem ?
Cheers, Gordon
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
For Account Management (unsubscribe, get/change password, etc) Please go to:
http://lists.gnac.net/mailman/listinfo/firewalls
