I am using fw1-loggrabber since jan-05 with no problems. You can connect this piece of software as a LEA agent, and then get logs in clear text, sent to the syslog.
Best regards On 4/13/07, Erik Gielow <[EMAIL PROTECTED]> wrote:
The logs generated by the checkpoint are "data" not ascii like a ordinary log. I think this is the problem. eg: the output of file command of splat. file 2007-02-22_163940_2.log 2007-02-22_163940_2.log: data Regards, Erik Gielow. On 4/13/07, Torkel Mathisen <[EMAIL PROTECTED]> wrote: > > Hi, > > Anyone here using NetForensics for collecting Checkpoint logs? > > I got a problem with the Checkpoint syslog messages. Apparently they are > slightly different than ordinary log messages and we get "unable to > parse". > > We use the Checkpoint syslog daemon so that we get syslogs from the > routers included in the SmartView Tracker. However those messages won't > parse in NetForensics. > > So if anyone tried this and got it to work I would appreciate any help. > > Regards, > Torkel > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > -- ------------------------------------ Erik Gielow SysAdmin - C.E.S.A.R. ------------------------------------ ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
