Joe,
I am not sure what operating system you are using, but I use Sun Solaris
and turned on BSM (Basic Security Module) and then enabled the following
flags:
lo - login/logouts
nt - network connections
fd - deleted files
This was enabled on all machines in my network that I wanted to track on.
I then wrote a script to compile the logs into one log, then archive the
log to tape every night.
Hope this helps,
Scott McHenry
Sys Eng / CSC
-----------ORIG MSG-------------
Date: Thu, 31 Aug 2000 08:36:49 -0400
From: "Cosgriff, Joe" <[EMAIL PROTECTED]>
Subject: [FW1] Report for access to a specific machine
I have been asked to present a report on the "who" when accessing a certain
machine.
example: Customer wants to see a report on any and everyone trying to
access a single machine.
all IP's going to x.x.x.x (a specific machine).
I understand how to look at the log and query on the IP's but is there an
easy way to push this out to a report. I exported everything to a text
file
but it is some what extensive. There are, of course, many dups. Any help
would be greatly appreciated.
Joseph L. Cosgriff
[EMAIL PROTECTED]
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
