https://community.cisco.com/t5/network-security/pix-syslog/m-p/620306#M496086 <P>HI there</P><P>I have a Cisco PIX 515E. I am able to retrieve the sys log from an AIX server, and i can break them in files by severity or by error code. Anyway it is still a lot of work to read all of these logs.</P><P>My question is simple. Is there any Cisco Software or any recommended software that will simplify the job of reading the logs?</P><P></P><P>Regards</P> Fri, 21 Feb 2020 09:26:21 GMT KlediBodinaku24 2020-02-21T09:26:21Z https://community.cisco.com/t5/network-security/pix-syslog/m-p/620306#M496086 <P>HI there</P><P>I have a Cisco PIX 515E. I am able to retrieve the sys log from an AIX server, and i can break them in files by severity or by error code. Anyway it is still a lot of work to read all of these logs.</P><P>My question is simple. Is there any Cisco Software or any recommended software that will simplify the job of reading the logs?</P><P></P><P>Regards</P> Fri, 21 Feb 2020 09:26:21 GMT https://community.cisco.com/t5/network-security/pix-syslog/m-p/620306#M496086 KlediBodinaku24 2020-02-21T09:26:21Z https://community.cisco.com/t5/network-security/pix-syslog/m-p/620307#M496087 <HTML><HEAD></HEAD><BODY><P>Syslog server could be:</P><P>- Kiwi Syslog:</P><P><A class="jive-link-custom" href="http://www.kiwisyslog.com/" target="_blank">http://www.kiwisyslog.com/</A></P><P>- 30COM Deamon</P><P><A class="jive-link-custom" href="http://www.ncat.co.uk/Download/" target="_blank">http://www.ncat.co.uk/Download/</A></P><P>- There is also a Cisco Syslog Server which supports TCP Syslog 514 - pfss512.exe</P><P><A class="jive-link-custom" href="http://www.cisco.com/cgi-bin/tablebuild.pl/pix?sort=release" target="_blank">http://www.cisco.com/cgi-bin/tablebuild.pl/pix?sort=release</A></P><P></P><P>Commercial products that creates graphs and analyzes Syslog to generate stats could be:</P><P>- FireGen <A class="jive-link-custom" href="http://www.eventid.net/firegen/" target="_blank">http://www.eventid.net/firegen/</A></P><P>- Try this one FWLOGSUM (Freeware).</P><P><A class="jive-link-custom" href="http://www.ginini.com/software/fwlogsum/" target="_blank">http://www.ginini.com/software/fwlogsum/</A></P><P><A class="jive-link-custom" href="http://www.ginini.com/software/fwlogsum/converters/" target="_blank">http://www.ginini.com/software/fwlogsum/converters/</A></P><P>It uses basicly PERL scripts and supports a wide range of Firewalls. You just need to install Perl in your Windows environment.</P><P>- Try Sawmill (Eval version)</P><P><A class="jive-link-custom" href="http://www.sawmill.net/" target="_blank">http://www.sawmill.net/</A></P><P>- EIQ Networks Network Security Analyzer eiqnetworks.com</P><P></P><P>Hope that gives you some ideas what to try.</P><P></P><P></P><P>Regards,</P><P>Sushil</P></BODY></HTML> Thu, 08 Mar 2007 15:50:38 GMT https://community.cisco.com/t5/network-security/pix-syslog/m-p/620307#M496087 suschoud 2007-03-08T15:50:38Z https://community.cisco.com/t5/network-security/pix-syslog/m-p/620308#M496089 <HTML><HEAD></HEAD><BODY><P>If you are looking for a syslog solution there are a number of good syslog devices.</P><P></P><P>Log Logic is really nice and is an appliance and you can also get a 2T storage with it.</P><P></P><P>However, if you want to just have something correlate the logs for you and see the events that are possible issues. Check out CS-MARS.</P><P></P><P>It is actually better to use both solutions though. Store your logs on a syslog server and have CS-MARS correlate the events and show you what are possible threats.</P></BODY></HTML> Tue, 13 Mar 2007 01:55:12 GMT https://community.cisco.com/t5/network-security/pix-syslog/m-p/620308#M496089 pplsi 2007-03-13T01:55:12Z