Hi, I know this for a fact: 1) Evential can NOT analyze pix log 7.0 and Netscreen 5.3. Furthermore, it can log analyze log from Cisco 12.3 either. www.high-tower.com is what tom needs. It gather all the logs from all devices on your network, analyze it and turn it into an IDS.
Reinhard Stich <[EMAIL PROTECTED]> wrote: hi, At 20:01 07.06.2005, cisco4ng wrote: >http://www.high-tower.com. > >This appliance is exactly what you need. It works with >Netscreen, Checkpoint, Cisco IOS, Pix, and much more. >Eventia only works with checkpoint. that's wrong, eventia is also able to analyze pix logs and others. but I think tom want's something different ... >Tom Louis wrote: >I am looking into possible solutions to putting all of >our logs into a single repository, I have been looking >at eventia which I like the product, it does a good >job of digging through the logs and making some >reports which turns your logs into an IDS. you can enable syslog on your checkpoint mgmt-station and have syslog information in the checkpoint log database, then eventia also gets these logs. >But I am also looking at sending the checkpoint logs >to a syslog server and I am curious is this possible >to have checkpoint ship logs off as syslog? there is no standard-feature. if you want the logs in real-time there you will need to script something. if you do a "fw log" on a module you see the logs as a text in the console - so you need to send this output via syslog ... cheers reinhard >We already have a huge syslog server and I would like >to use it also, but I can not find where to tell >checkpoint to ship out syslog. > >Thanks for your help > >Tom > >================================================= >To set vacation, Out-Of-Office, or away messages, >send an email to [EMAIL PROTECTED] >in the BODY of the email add: >set fw-1-mailinglist nomail >================================================= >To unsubscribe from this mailing list, >please see the instructions at >http://www.checkpoint.com/services/mailing.html >================================================= >If you have any questions on how to change your >subscription options, email >[EMAIL PROTECTED] >================================================= > >__________________________________________________ >Do You Yahoo!? >Tired of spam? Yahoo! Mail has the best spam protection around >http://mail.yahoo.com > >================================================= >To set vacation, Out-Of-Office, or away messages, >send an email to [EMAIL PROTECTED] >in the BODY of the email add: >set fw-1-mailinglist nomail >================================================= >To unsubscribe from this mailing list, >please see the instructions at >http://www.checkpoint.com/services/mailing.html >================================================= >If you have any questions on how to change your >subscription options, email >[EMAIL PROTECTED] >================================================= -- Reinhard Stich ASSIST [EMAIL PROTECTED] Internet Security AG, 1150 Wien, Johnstrasse 29 Tel: +43 1 3709440 RS784-RIPE Fax: +43 1 3709440-333 ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= --------------------------------- Discover Yahoo! Have fun online with music videos, cool games, IM & more. Check it out! ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
