ilto:[EMAIL PROTECTED]]
>Sent: Thursday, October 03, 2002 11:55 PM
>To: [EMAIL PROTECTED]
>Subject: Log Watcher For a PIX
>
>
>I recently brought up a PIX firewall and have all the logs directed to a
>Linux syslog server. I'm hoping you all can direct me towards a good lo
EMAIL PROTECTED]
Subject: Log Watcher For a PIX
I recently brought up a PIX firewall and have all the logs directed to a
Linux syslog server. I'm hoping you all can direct me towards a good log
watcher / parser that will alert me to suspicious activity.
TIA
-Ben Corman
On 03/10/02 14:24 -0400, Ben Corman wrote:
> I recently brought up a PIX firewall and have all the logs directed to a
> Linux syslog server. I'm hoping you all can direct me towards a good log
> watcher / parser that will alert me to suspicious activity.
Well, you could go with syslog-ng and logch
Hi
Swatch and Logsurfer are both good products.
Try a Google search on them as I do not remember the URLs.
Good luck
-Naveed
-Original Message-
From: Ben Corman [mailto:[EMAIL PROTECTED]]
Sent: Thursday, October 03, 2002 11:55 PM
To: [EMAIL PROTECTED]
Subject: Log Watcher For a PI
Shell scripting for custom pattern searching in syslog messages and alerting via
mail/web etc. would do the job.
But I'd like you to check Lire from www.logreport.org
Basically it is a log analyser for various log formats and all, including PIX.
I hope it is of some help to you :)
Regards
--
Ben Corman said:
Hello Ben,
One that I highly recommend, and use in the same scenario as you - is
LogSentry, available from http://www.psionic.com/
Chip
> I recently brought up a PIX firewall and have all the logs directed to
> a Linux syslog server. I'm hoping you all can direct me towards a