https://community.cisco.com/t5/network-security/realtime-log-analyzer-for-pix/m-p/143090#M604864 <HTML><HEAD></HEAD><BODY><P>What do you mean by analye? If you want alerts about a specific message, use Kiwi syslog as it is very flexible and easy to configure for alerting. To analyze the syslog messages, I recommend Fwlogwatch and ReportGen. Both are *nix freeware apps that provide HTML reports of Pix syslog messages. FWlogwatch is only concerned with summarizing "Deny"s while ReportGen creates statistical reports based on "Built Inbound" and "Built Outbound" messages. Using all three of these tools together is provides a lot of useful information for "free".</P></BODY></HTML> Mon, 09 Jun 2003 22:51:43 GMT shannong 2003-06-09T22:51:43Z https://community.cisco.com/t5/network-security/realtime-log-analyzer-for-pix/m-p/143088#M604862 <P>Hi,</P><P>I am looking for a OpenSource\Free realtime log analyzer for PIX syslog messages. </P><P>Any recommendations ?</P><P></P><P>Regards \\ Naman</P> Fri, 21 Feb 2020 06:47:27 GMT https://community.cisco.com/t5/network-security/realtime-log-analyzer-for-pix/m-p/143088#M604862 mnlatif 2020-02-21T06:47:27Z https://community.cisco.com/t5/network-security/realtime-log-analyzer-for-pix/m-p/143089#M604863 <HTML><HEAD></HEAD><BODY><P>You have a few *free* options. Ther eis always the Cisco Secure PIX Firewall Syslog server that you can download from CCO. Another windows based server is the Kiwi syslog server.</P><P></P><P>However, you can also use the standard unix syslog deamon and run swatch (<A class="jive-link-custom" href="http://swatch.sourceforge.net/" target="_blank">http://swatch.sourceforge.net/</A>) to parse your syslog files for pertinent events.</P><P></P><P>This is just one example of a way to analyze your log files. There are many more tools and scripts out there but anyhting free is going to take more setup resources. Compare what it would take to set something like this up to installing the CiscoWorks tool that has everything built-in for you...</P><P></P><P>Marcus</P><P></P></BODY></HTML> Mon, 09 Jun 2003 21:16:27 GMT https://community.cisco.com/t5/network-security/realtime-log-analyzer-for-pix/m-p/143089#M604863 msitzman 2003-06-09T21:16:27Z https://community.cisco.com/t5/network-security/realtime-log-analyzer-for-pix/m-p/143090#M604864 <HTML><HEAD></HEAD><BODY><P>What do you mean by analye? If you want alerts about a specific message, use Kiwi syslog as it is very flexible and easy to configure for alerting. To analyze the syslog messages, I recommend Fwlogwatch and ReportGen. Both are *nix freeware apps that provide HTML reports of Pix syslog messages. FWlogwatch is only concerned with summarizing "Deny"s while ReportGen creates statistical reports based on "Built Inbound" and "Built Outbound" messages. Using all three of these tools together is provides a lot of useful information for "free".</P></BODY></HTML> Mon, 09 Jun 2003 22:51:43 GMT https://community.cisco.com/t5/network-security/realtime-log-analyzer-for-pix/m-p/143090#M604864 shannong 2003-06-09T22:51:43Z https://community.cisco.com/t5/network-security/realtime-log-analyzer-for-pix/m-p/143091#M604865 <HTML><HEAD></HEAD><BODY><P>Thanks All.</P><P>I need something for Unix platform, so Kiwi Syslog is of no use.</P><P>I knew the limitation with Fwlogwatch (only considers Deny), i will take a look at ReportGen. I was also considering LIRE (<A class="jive-link-custom" href="http://logreport.org/" target="_blank">http://logreport.org/</A>) however i haven't tested that as yet.</P><P>However all the above can't do RealTime analysis, but as recommended "swatch" will be able to provide that functionality.</P><P>Thanks again.</P><P>\\ Naman</P><P></P></BODY></HTML> Mon, 09 Jun 2003 23:00:58 GMT https://community.cisco.com/t5/network-security/realtime-log-analyzer-for-pix/m-p/143091#M604865 mnlatif 2003-06-09T23:00:58Z