Log files Pix & Chkpnt [7:63646]
Does anyone know of a product that will merge log files from multiple sources Snort, PIX, Checkpoint, etc...?

I'm trying to centralize much of our security management responsibilities.

Thanx,
Mike J.

Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63646&t=63646
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Log files Pix & Chkpnt [7:63646]
Try www.micromuse.com or logboss at http://www.securityprofiling.com/logboss.htm.

HTH,
Charles

wrote in message news:[EMAIL PROTECTED]
> Does anyone know of a product that will merge log files from multiple
> sources Snort, PIX, Checkpoint, etc...?
>
> I'm trying to centralize much of our security management responsibilities.
>
> Thanx,
> Mike J.

Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63649&t=63646
Re: Log files Pix & Chkpnt [7:63646]
www.opensystems.com

They make a product called Private-I. It's bar-none the best info-correlation product out there.

--
Scott M. Trieste
Information Security Consultant
p: 201.618.8977

[EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]
> Does anyone know of a product that will merge log files from multiple
> sources Snort, PIX, Checkpoint, etc...?
>
> I'm trying to centralize much of our security management responsibilities.
>
> Thanx,
> Mike J.

Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63658&t=63646
RE: Log files Pix & Chkpnt [7:63646]
Depends on what you are trying to do and what your budget is.

You could always make use of commercial software such as NetCool (Micromuse etc), or just have a good old syslog server, and configure the pix / checkpoint etc, to log to the syslog using the same facility. This would merge all the data feeds into one file, which you could then analyse manually, or make use of some log analysis software.

[EMAIL PROTECTED] wrote:
>
> Does anyone know of a product that will merge log files from multiple
> sources Snort, PIX, Checkpoint, etc...?
>
> I'm trying to centralize much of our security management responsibilities.
>
> Thanx,
> Mike J.

Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63694&t=63646
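
Added example, not part of the original thread and not code from any product named in it: once several devices log to one syslog file under the same facility, the facility no longer tells the feeds apart, so an analysis script has to recover the source from the hostname and the message tag. The sketch below assumes the server writes RFC 3164-style lines; the hostnames, addresses and sample lines are constructed, and the Check Point line is placeholder text, not that product's real format.

```python
import re
from collections import Counter

# RFC 3164-style line as written by the syslog server: "Mmm dd hh:mm:ss host message"
LINE = re.compile(r"^(?P<ts>[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d) (?P<host>\S+) (?P<msg>.*)$")
# Cisco PIX messages carry a %PIX-<severity>-<message id> tag.
PIX = re.compile(r"%PIX-(?P<sev>\d)-(?P<id>\d{6}): (?P<text>.*)")
# Snort syslog alerts carry [generator:sid:revision] after the program name.
SNORT = re.compile(r"snort(?:\[\d+\])?: \[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\] (?P<text>.*)")

# Constructed sample of one merged file (hostnames and addresses are made up).
SAMPLE = """\
Feb 20 10:15:01 pix-edge %PIX-4-106023: Deny tcp src outside:192.0.2.10/4321 dst inside:10.0.0.5/22 by access-group "outside_in"
Feb 20 10:15:02 ids01 snort[812]: [1:469:1] ICMP PING NMAP [Classification: Attempted Information Leak] [Priority: 2]: {ICMP} 192.0.2.10 -> 10.0.0.5
Feb 20 10:15:03 fw-cp01 placeholder-checkpoint-entry action=drop src=192.0.2.10 dst=10.0.0.5
Feb  3 09:00:00 pix-edge %PIX-6-302013: Built inbound TCP connection 101 for outside:192.0.2.44/1025 (192.0.2.44/1025) to inside:10.0.0.8/80 (10.0.0.8/80)
this line is not syslog at all
"""

def parse_line(line):
    """Return a normalized record, or None if the line is not syslog-shaped."""
    m = LINE.match(line)
    if not m:
        return None
    # Unrecognized devices are kept as source "other" rather than dropped.
    rec = {"ts": m["ts"], "host": m["host"], "source": "other", "event": None, "text": m["msg"]}
    pix = PIX.search(m["msg"])
    snort = SNORT.search(m["msg"])
    if pix:
        rec.update(source="pix", event=pix["id"], severity=int(pix["sev"]), text=pix["text"])
    elif snort:
        rec.update(source="snort", event=f'{snort["gid"]}:{snort["sid"]}', text=snort["text"])
    return rec

def parse_merged(text):
    """Split a merged log into parsed records and unparseable raw lines."""
    records, rejects = [], []
    for line in text.splitlines():
        rec = parse_line(line)
        (records if rec else rejects).append(rec or line)
    return records, rejects

if __name__ == "__main__":
    records, rejects = parse_merged(SAMPLE)
    print(Counter(r["source"] for r in records), f"{len(rejects)} rejected")
```

Lines that do not parse are returned separately instead of being discarded, so a device that logs in an unexpected format shows up as a gap to investigate rather than silently vanishing from the merged view.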