cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4166
Views
0
Helpful
5
Replies

Advice on a good logfile analyzer for ASA & FWSM (ACS)?

Roble Mumin
Level 3
Level 3

Hey All,

i am in need of working logfile analyzer for ASA and/or FWSM series log messages. I would prefer a linux based open source tool with the capabilities to highlight false logins and pipe the output into some kind of mail alert component. A huge plus would be the ability to parse Secure ACS output as well.

Thanks for reading

Roble

5 Replies 5

Kureli Sankar
Cisco Employee
Cisco Employee

Hey KS,

thanks for the quick answer. rsyslog looks like another logdeamon and my configuration with syslog-ng works out fine so far.

Maybe i overlooked something in the rsyslog docs but i need a log parser not a log deamon.

Roble

Sorry my bad. check this out: http://www.loganalysis.org/

We just use cat, grep, sed, awk and uniq to parse through syslogs.

-KS

Cisco MARS can also do it and run reports for you.

PK

Hey PK,

i would like a MARS but unfortunately this solution is a bit oversized for the current demand. I actually found something which works pretty well allthough its a retail product.

http://www.manageengine.com/products/firewall/

Roble

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: