Firewall Wizards mailing list archives
Cisco PIX log analyzer, parser, reporter?
From: Vahid Pazirandeh <vpaziran () yahoo com>
Date: Wed, 4 Oct 2006 19:44:25 -0700 (PDT)
That got your attention didn't it?

I know this is a lengthy subject, because I was reading through the other thread titled "parsing logs ultra-fast inline".

Is there a "logwatch" equivalent that reports on PIX v7.x logs (not v6)? Logwatch (http://freshmeat.net/projects/logwatch/) is just so simple, and does some reporting on syslog files. I just have one PIX device to worry about.

Should I just come up with a list of include/exclude regexps instead of trying to find some tool? Should I collect iptables logs too? I'm probably missing the bigger picture of network security reporting.

Your experience and helpful tips are appreciated. :-)

[See Also]
http://www.ciscopress.com/articles/article.asp?p=424447&seqNum=4&rl=1
http://www.eventid.net/firewalls/MostPopularReports.asp
http://fwlogwatch.inside-security.de (pix v6 parser)
http://freshmeat.net/projects/logrep/
http://freshmeat.net/projects/pixla/ (what version is this for?)

-Vahid

=============================================
"Make it better before you make it faster."
=============================================
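An added example, not part of the original post: a minimal logwatch-style pass over PIX syslog using the include/exclude regexp lists the message asks about. The sample lines are constructed, and the line shapes (the `%PIX-severity-id:` tag, 106023 denies, 3020xx connection messages), the patterns and the `report` function are assumptions to check against your own device's output.

```python
import re
from collections import Counter, defaultdict

# Constructed sample lines in the general shape of PIX 7.x syslog output.
SAMPLE = """\
Oct  4 19:40:01 fw1 %PIX-6-302013: Built outbound TCP connection 1001 for outside:198.51.100.7/80
Oct  4 19:40:02 fw1 %PIX-4-106023: Deny tcp src outside:203.0.113.9/4431 dst inside:192.0.2.10/22 by access-group "outside_in"
Oct  4 19:40:03 fw1 %PIX-4-106023: Deny tcp src outside:203.0.113.9/4432 dst inside:192.0.2.10/23 by access-group "outside_in"
Oct  4 19:40:04 fw1 %PIX-4-106023: Deny udp src outside:198.51.100.44/5353 dst inside:192.0.2.10/137 by access-group "outside_in"
Oct  4 19:40:05 fw1 %PIX-6-302014: Teardown TCP connection 1001 for outside:198.51.100.7/80 duration 0:00:04 bytes 512
Oct  4 19:40:06 fw1 %PIX-5-111008: User 'enable_15' executed the 'write memory' command.
Oct  4 19:40:07 fw1 sshd[411]: session opened for user admin
"""

TAG = re.compile(r"%PIX-(?P<sev>[0-7])-(?P<id>\d{6}): (?P<msg>.*)")
# Denies that carry ports; ICMP denies (type/code, no ports) fall through to "other".
DENY = re.compile(
    r"Deny (?P<proto>\S+) src [^:\s]+:(?P<src>[^/\s]+)/\d+ "
    r"dst [^:\s]+:(?P<dst>[^/\s]+)/(?P<dport>\d+)")
EXCLUDE = [re.compile(r"%PIX-6-30201[3-6]:")]  # routine TCP/UDP build and teardown
INCLUDE = [re.compile(r"%PIX-[0-6]-")]         # everything except debug (level 7)

def report(lines, include=INCLUDE, exclude=EXCLUDE):
    """Summarise denies per source; keep other included events; count untagged lines."""
    hits, ports, other, unparsed = Counter(), defaultdict(set), [], 0
    for line in lines:
        m = TAG.search(line)
        if not m:
            unparsed += 1          # not a PIX message: count it rather than drop it
            continue
        if any(p.search(line) for p in exclude) or not any(p.search(line) for p in include):
            continue
        d = DENY.match(m["msg"])
        if d:
            hits[d["src"]] += 1
            ports[d["src"]].add(f'{d["proto"]}/{d["dport"]}')
        else:
            other.append((m["id"], m["msg"]))  # unexpected events stay visible
    return {"by_source": dict(hits),
            "ports": {s: sorted(p) for s, p in ports.items()},
            "other": other,
            "unparsed": unparsed}

if __name__ == "__main__":
    print(report(SAMPLE.splitlines()))
```

Anything that is neither excluded nor recognised lands in "other" or the unparsed count, so a pattern list that is too narrow shows up in the report instead of silently hiding events.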