Firewall Wizards mailing list archives

Log monitoring / alerting

From: Jean Caron <caronj () norac net>
Date: Thu, 5 Oct 2000 13:05:06 -0400 (EDT)


Hi folks,

I'm sure the question has been asked many times over, yet I don't know
the answer.

I'm looking for a tool, or combination of tools, that can analyze, report
and send alarms based on log files data coming from PIX, Solaris (running
firewall), etc.

As for a quick glance at requirements;

- accept logs from multipls hosts (100s),
- Produce alarms based on syslog messages,
- Distribute alarms via emails, pager, snmp traps, programs calls, etc.
- Detect and log system reboots,
- Alarm if/when logging stops from a certain node,

...just to name a few.

I'm already aware of several such tools out there, but so far, none seem
to do it all, or do it all well.

Any suggestions would be greatly appreciated.

Jean


_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr net
http://www.nfr.net/mailman/listinfo/firewall-wizards

Current thread:

Air Gaps vs. Firewalls Mike Bobbitt (Oct 01)
- Re: Air Gaps vs. Firewalls Mikael Olsson (Oct 01)
- <Possible follow-ups>
- RE: Re: Air Gaps vs. Firewalls rreiner (Oct 03)
  - RE: Re: Air Gaps vs. Firewalls Rick Smith (Oct 04)
    - Re: Re: Air Gaps vs. Firewalls Chuck Swiger (Oct 04)
    - Log monitoring / alerting Jean Caron (Oct 09)
    - RE: Re: Air Gaps vs. Firewalls Ryan Russell (Oct 04)
    - RE: Re: Air Gaps vs. Firewalls Rick Smith (Oct 04)
- RE: Air Gaps vs. Firewalls Mike Bobbitt (Oct 03)
- RE: Re: Air Gaps vs. Firewalls rreiner (Oct 04)
  - RE: Re: Air Gaps vs. Firewalls Rick Smith (Oct 04)
    - RE: Re: Air Gaps vs. Firewalls Frederick M Avolio (Oct 04)
    - RE: Re: Air Gaps vs. Firewalls Rick Smith (Oct 04)
- Air Gaps vs. Firewalls Avi Nagar (Oct 12)
  - Re: Air Gaps vs. Firewalls Rick Smith at Secure Computing (Oct 14)
  - Re: Air Gaps vs. Firewalls Talisker (Oct 20)

(Thread continues...)