Syslog Software for ASA / PIX

arnis · ‎07-14-2006

Hi

I need some advice, I need some good software that can take the ASA syslog an make in into something readable, preferably graphs on a HTTP interface.

And I am looking for something that does not cost as much as CS-MARS.

any sugestions on what works well

grant.maynard · ‎07-14-2006

For syslog try Kiwi's syslog daemon, but I don't think syslog is going to give you any graphs.

For real time stats use the ASDM, or use an SNMP app to poll the ASA.

Patrick Iseli · ‎07-14-2006

Syslog server could be:

- Kiwi Syslog:

http://www.kiwisyslog.com/

- 30COM Deamon

http://www.ncat.co.uk/Download/

- There is also a Cisco Syslog Server which supports TCP Syslog 514 - pfss512.exe

http://www.cisco.com/cgi-bin/tablebuild.pl/pix?sort=release

Commercial products that creates graphs and analyzes Syslog to generate stats could be:

- FireGen http://www.eventid.net/firegen/

- Try this one FWLOGSUM (Freeware).

http://www.ginini.com/software/fwlogsum/

http://www.ginini.com/software/fwlogsum/converters/

It uses basicly PERL scripts and supports a wide range of Firewalls. You just need to install Perl in your Windows environment.

- Try Sawmill (Eval version)

http://www.sawmill.net/

- EIQ Networks Network Security Analyzer eiqnetworks.com

Hope that gives you some ideas what to try.

sincerely

Patrick

ph0enix · ‎07-15-2006

I'm using syslog-ng on a gentoo system. It logs to a MySQL database. You can combine it with phpsyslogng which gives you a web interface (PHP based) for viewing the logs.