RE: advice for syslog server

["Matthew Jenkins" <Matthew.Jenkins () tmctechnologies com>]

The KIWI solution is great, however watch your CPU usage.  For our
firewall alone, our Xeon 2.0 HT CPU usually runs at 50% usage on Windows
2003 standard.  This is their unregistered version; their registered
version claims to be more efficient.  The interesting thing is adding
about 4 other firewalls, a router, a half dozen switches, and a four or
so *NIX boxes still keeps it around 50% CPU usage.  Other than that,
great program for a Windows syslog solution.  Eventually we plan to
migrate to a Linux/BSD/*NIX box of some sort, but this was temporary to
replace an ancient solution that wasn't reliable.

Mat

Matthew Jenkins
Senior Network Specialist
TMC Technologies, Inc.
304.368.1862 ext 26
AOL: MLJenkinsCom  Yahoo: mljenkins  ICQ: 8116624  MSN
Visit us online at www.tmctechnologies.com

-----Original Message-----
From: adisegna () siscocorp com [mailto:adisegna () siscocorp com] 
Sent: Monday, January 24, 2005 9:49 AM
To: security-basics () securityfocus com
Subject: RE: advice for syslog server

Take a look at http://www.kiwisyslog.com/ or the PIX Firewall Syslog
Server (PFSS). You have to have a CCO account with Cisco in order to
download the file (pfss512.exe).

Thanks

AD

-----Original Message-----
From: FM [mailto:dist-list () LEXUM UMontreal CA] 
Sent: Wednesday, January 19, 2005 5:51 PM
To: Mailing List Security-Basic
Subject: advice for syslog server

Hello,
We are using PIX firewall and I gonna configure an external syslog
server.

What do you use to do some automatic log checking ? For example, today a

external user  downloaded several GB. We saw it on our stats. I cannot 
look my stats website erveryday for every we server.

So do you know good syslog parser/manager ?

Thanks !