Someone, I think either from bugtraq, or the other firewalls list, released code they were working on for a 'secure syslog' protocol for such a situation as this. The work was unfinished, to clarify. Let me see if I can find the links here...hold..: Yes, from his posting, bugtraq: I've placed an online archive of the source at http://www.w00w00.org/files/SRS and the full, original source is available at http://www.w00w00.org/files/SRS.tgz. This code hasn't been changed in over a year, and the original comments, TODOs, READMEs, etc. are all still there. From: Matt Conover <shokat_private> Thanks, Ron DuFresne On Thu, 13 Jan 2000 VN_Sabarinath@satyam-infoway.com wrote: > > Placed At : > > > Hello, > > I administer 5 remote firewalls and wish to do seperate centralized anaysis of > the logfiles to generate custom reports. > > To get the log files, I propose to regularly FTP the files (in zipped version, > once a day, automatically)from the firewalls to a centralised machine. This > machine run a log anaysis software. The report may be FTP'ed back or put up on > a website. > > 1) Are there any better approaches to do this? > > 2) We currently use Webtrends for firewalls and VPN's. Is there an unlimited > license version for this product? (We are an ISP). > > 3) Can you suggest other log analysis software? > > Thanks/Regards > > VN Sabarinath > > > Please Visit http://www.satyamonline.com for free e-mail > > -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ admin & senior consultant: darkstar.sysinfo.com http://darkstar.sysinfo.com "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart testing, only testing, and damn good at it too!
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:57:40 PDT