Security Basics mailing list archives

RE: Other way to view PIX syslog ?

From: "Trevor Cushen" <Trevor.Cushen () sysnet ie>
Date: Mon, 11 Nov 2002 09:14:05 -0000


I agree with Chris, Perl is indeed your friend.  I would use a web
interface which I find easier for this type of work.

There is a product called sysklogd which will run on a linux machine and
place your logs into mysql.  Then the Perl and web interface will make
life very easy as you can run queries on time, ip address, etc.

Kiwi I would recommend but you didn't like it.  Winsyslog is another one
on this line that you may find better.  If it is only one or two PIX
boxes then I would go with a Linux machine with Apache, Perl, MySQL and
Sysklogd.  In no time at all you have a central logging server with a
nice web front end to view all the logs.


Trevor Cushen
Sysnet Ltd

www.sysnet.ie
Tel: +353 1 2983000
Fax: +353 1 2960499



-----Original Message-----
From: Chris Berry [mailto:compjma () hotmail com] 
Sent: 08 November 2002 19:42
To: security-basics () securityfocus com
Subject: Re: Other way to view PIX syslog ?

From: "mathieu008 ." <mathieu0008 () hotmail com>
I'm tired of reading my 6 megs of PIX syslog messages using

notepad...Is

there a program out there with a GUI and options like "put in order of 
ports requests".
Even better, if there is an message or log analyzer (which would make a

little bit like an IDS)
I tried Kiwi Deamon but couldn't make it work...didn't bother because

it

didn't look nice


Perl is your friend, you could write a script to do that in about three 
lines.  Writing your own Perl/TK gui interface would be a little more 
complicated depending on how many features you want, but still probably
only 
about two pages of code.

Chris Berry
compjma () hotmail com
Systems Administrator
JM Associates

"And here in our server room you can see our Beowolf Cluster of C64's
that 
keeps our enterprise on the very cutting edge of technology."


_________________________________________________________________
MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*. 
http://join.msn.com/?page=features/virus



**************************************************************************************

This email and any files transmitted with it are confidential and intended 
solely for the use of the individual or entity to whom they are addressed. 

If you have received this message in error please notify SYSNET Ltd., at
telephone no: +353-1-2983000 or postmaster () sysnet ie

**************************************************************************************

Current thread:

Other way to view PIX syslog ? mathieu008 . (Nov 07)
- RE: Other way to view PIX syslog ? Ben Corman (Nov 09)
- <Possible follow-ups>
- RE: Other way to view PIX syslog ? Calhoun, Heath (Nov 08)
- Re: Other way to view PIX syslog ? Chris Berry (Nov 09)
- RE: Other way to view PIX syslog ? Trevor Cushen (Nov 11)