OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Vinny Valdez (Vinny.Valdezcourts.state.tx.us)
Date: Wed Sep 19 2001 - 14:25:25 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    I currently have my PIX sending logs to a linux 'syslog server' that I
    have setup. I send it using a local facility (cisco defaults to local7
    for routers, and local4 for PIX), and pipe it into a free utility from
    freshmeat http://freshmeat.net/projects/pixlog/ that generates daily
    html reports.

    The recommended setup is to trap only info level logs, but you could
    trap debug or more if you wanted. You could do a million other things
    after it hits the linux box, even send the logs to some of the other
    programs mentioned in the thread after it generates the html pages.
    Managers love graphs and pretty pictures.

    Vinny Valdez, RHCE
    Network Support Specialist
    Office of Court Administration

    -> -----Original Message-----
    -> From: Bob Sadler [mailto:bobsLEAWOOD.ORG]
    -> Sent: Tuesday, September 18, 2001 11:19 AM
    -> To: focus-mssecurityfocus.com
    -> Subject: Syslog Viewer/Reporter
    ->
    ->
    -> Long time lurker, first time question here.
    ->
    -> Let me say first that I wear many hats in my job, and
    -> security is one of them. In the past I've been happy with
    -> just applying patches from MS and making sure things are up
    -> and running.
    ->
    -> Lately though, I've been intrigued by the other people that
    -> take a daily look at their Syslogs and actually take a more
    -> proactive stance in security. I'd love to be able to do
    -> this, and therefore I believe my first step would be to
    -> setup my PIX to start generating a SYSLOG and then finding
    -> something to could intelligently report that SYSLOG back to me.
    ->
    -> Knowing that there are people are there that are TONS
    -> smarter than I in this area, and probably have already done
    -> this, I was hoping for ideas on inexpensive products that
    -> would be able to read PIX SYSLOG's and give me daily reports
    -> on what I see.
    ->
    -> I appreciate any help you offer, and thank you for your time
    -> and efforts.
    ->
    ->
    ->
    -> Bob Sadler
    -> City of Leawood, KS, USA
    -> Internet/WAN Specialist
    -> 913-339-6700 X194
    -> bobsleawood.org <mailto:bobsleawood.org>
    ->
    ->