Firewall Wizards mailing list archives
Re: Syslog monitoring and usage.
From: Josh Welch <jwelch () buffalowildwings com>
Date: Tue, 13 Jul 2004 11:27:43 -0500
Chad Thomsen wrote:
I am trying to learn the ins and outs of using Syslog. I am at my second job where I have installed and configured another Pix, but have never really got into Syslog. I am currently using KIWI syslog daemon. I would like to better find out what the messages mean, and how to track down port scans, and other security related issues that syslog may reveal. To sum it up I want to be able to have a good understanding of a log file that comes from a Pix. Sorry for such a n00b question as I am really starting to dig into network security. Thanks, Chad Thomsen, MCSE, CCNA
Here's a link to the Cisco doc for setting up syslog on a PIX (obtained via google, *hint*):
http://www.cisco.com/warp/public/110/pixsyslog.html
There is also a link in there pointing to the documentation that describes the syslog messages in painful detail.
You might also want to check out the loganalysis.org website for further information on logging in general, and I believe there is some PIX specific stuff there as well.
Josh
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards