Under Linux you can set your firewall (iptables) to log through syslogd. Syslogd can then be configured to forward to another machine.
Another option is to open an ssh connection from your logging machine to each of your firewall machines and pipe the logs into a local log file or an analysis program.
Brian
Tim Heagarty wrote:
Hey folks,
I have a potential client that is looking for a way to manage multiple, up to 50 or so, firewalls built on OpenBSD 2.9 and IP Filter. I can imagine a central aggregating console of some kind to consolidate logging results, status, whatever information can be gleaned from the boxes themselves plus IP Filter's output and statistics.
Any pointers on this kind of system? Has someone already done it?
Thanks for the great ideas in advance,
Tim Heagarty MCSE, MCP+I
http://www.TheaSecure.com/
"There are only 10 kinds of people in the world, those that understand binary, and those that don't."
Work: (928) 636-0489
Cell: (928) 533-9690
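The two approaches in the reply above (iptables logging through syslogd with forwarding, or pulling logs over ssh into a local file or analysis program), sketched as an added example that is not part of the original thread. The host names, the `logpull` account, the remote log path, the `IPT-DROP: ` prefix and the `loghost` name are all assumptions, and the sample log lines are constructed.

```shell
#!/bin/sh
# Assumed names (not from the thread): hosts fw01/fw02, account "logpull",
# remote path /var/log/messages, log prefix "IPT-DROP: ", host "loghost".
#
# On each firewall, log matching packets through the kernel facility:
#   iptables -A INPUT -j LOG --log-prefix "IPT-DROP: " --log-level warning
# Option 1 (syslog forwarding), in /etc/syslog.conf on each firewall:
#   kern.warning    @loghost
# Option 2 (pull over ssh from the logging machine): collect_over_ssh below.

# Stream each firewall's log over ssh into one local file per host.
collect_over_ssh() {
    mkdir -p ./fwlogs
    for host in "$@"; do
        ssh -o BatchMode=yes "logpull@$host" 'tail -F /var/log/messages' \
            >> "./fwlogs/$host.log" &
    done
    wait
}

# Analysis step: read consolidated syslog lines on stdin and print
# "<count> <firewall> <source address>", busiest pair first.
summarize_fw_log() {
    awk -v prefix="${1:-IPT-DROP:}" '
        index($0, prefix) == 0 { next }        # not a firewall log line
        {
            src = ""
            for (i = 1; i <= NF; i++)
                if ($i ~ /^SRC=/) src = substr($i, 5)
            if (src == "") next                 # truncated or malformed line
            count[$4 " " src]++                 # $4 is the syslog hostname
        }
        END { for (k in count) print count[k], k }
    ' | sort -k1,1nr -k2,3
}

# Constructed sample of what the logging machine would receive.
sample_log() {
    cat <<'EOF'
Jan 12 03:14:07 fw01 kernel: IPT-DROP: IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 PROTO=TCP SPT=51515 DPT=22
Jan 12 03:14:09 fw01 kernel: IPT-DROP: IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 PROTO=TCP SPT=51516 DPT=22
Jan 12 03:15:01 fw02 kernel: IPT-DROP: IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.20 PROTO=UDP SPT=4000 DPT=53
Jan 12 03:15:02 fw02 sshd[411]: Accepted publickey for logpull
Jan 12 03:15:03 fw02 kernel: IPT-DROP: IN=eth0 OUT= SRC=
EOF
}

sample_log | summarize_fw_log
```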