Log Analyzer for PIX messages

sghezzi · May 21, 2004

Hello,

we are using PIX 6.3(3) and we use Kiwi syslog for collecting logs.
We would also like to have a log analyzer to easily process PIX messages.
Can anyone suggest a good product?

Thanks
Silvia

NetworkAdmin123 · May 21, 2004

I too am looking in this area.....we are thinking about sawmill which has a decent report

http://www.sawmill.net

I'm up for any other suggestions if anyone else has them.

NetworkAdmin123 · May 21, 2004

http://www.sawmill.net

We use kiwi syslog as well.

ForumKid · May 21, 2004

Kiwi syslog is free and probably the most widely used. It has many great features and is a breeze to setup.

NetworkAdmin123 · May 21, 2004

we use kiwi syslog to get the logs....sawmill is something I think your looking for. It takes the logs and formats them into a readable report sortable by days etc. We're using a free 30 day trial and it seems to be working well. It's only $99 to purchase which is nice.

sghezzi · May 25, 2004

Ok, this is exactly what we are testing now:
Kiwi Syslog + Sawmill (evaluation version)

so you suggest to go ahead with this scenario.

Good.

Thanks
Silvia

agrigorof · Jun 1, 2004

Try FireGen for Pix:

http://www.eventid.net/firegen/firegenpix2.asp

Sample report here:

http://www.eventid.net/firegen/mildco01-2004-03-12-165112-ondemand.html

If something is missing from this analyzer, just send an email to the developers, they would be happy to improve the product.

Regards,
Adrian Grigorof

http://www.eventid.net

NetworkAdmin123 · Jun 25, 2004

We purchased Sawmill and are happy with it. I didn't know about FireGen though.

Opinions on both?

SGHEZZI- what did you end up doing?

agrigorof · Jun 25, 2004

Sawmill is basically just a web traffic analyzer. The "firewall" analysis section is quite basic and there is hardly any value in that information. Just compare the sample reports:

http://www.eventid.net/firegen/mildco01-2004-03-12-165112-ondemand.html

vs.

http://www.sawmill.net/cgi-bin/samp....66/netscreen"+cm+vs+filters+nofilters+asv+15

Besides the fact that there is no contest between the main reports, FireGen also offers IP Forensics (

http://www.eventid.net/firegen/ipforensics_report.asp)

and configuration analysis (

http://www.eventid.net/firegen/pixconfig-2004-03-17-220752.html).

Adrian Grigorof

http://www.eventid.net/firegen/firegenpix2.asp

FireGen for Pix Log Analyzer

NetworkAdmin123 · Jun 25, 2004

Well when I license is up with Sawmill I'll look more closely at Firegen....Thx

julianmd · Jun 26, 2004

Currently, FireGen for PIX supports logs from the Cisco PIX* firewalls version 5.x and 6.1.x

This would be a minus!

agrigorof · Jun 26, 2004

Actually, it does support the 6.3.x PIX firmware. The Firegen website did not keep up with the software

Adrian Grigorof

http://www.eventid.net/firegen/firegenpix2.asp

FireGen for Pix Log Analyzer

Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Log Analyzer for PIX messages

sghezzi

Technical User

NetworkAdmin123

MIS

NetworkAdmin123

MIS

ForumKid

MIS

NetworkAdmin123

MIS

sghezzi

Technical User

agrigorof

Technical User

NetworkAdmin123

MIS

agrigorof

Technical User

NetworkAdmin123

MIS

julianmd

MIS

agrigorof

Technical User

Similar threads

Part and Inventory Search

Sponsor