loganalysis 2001/08: RE: [loganalysis] fwlogwatch feedback

RE: [loganalysis] fwlogwatch feedback

From:

PTOBIAat_private

Date:

Next message: Boris Wesslowski: "RE: [loganalysis] fwlogwatch feedback"

Previous message: Jason Lewis: "RE: [loganalysis] stopping/starting swatchn"
Maybe in reply to: n gold: "[loganalysis] fwlogwatch feedback"
Next in thread: Boris Wesslowski: "RE: [loganalysis] fwlogwatch feedback"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I've tried it out on a limited basis and have had good results with Cisco
IOS output, but it doesn't seem to even detect my PIX logs, let alone report
on them correctly.  PIX 5.2.  It's pretty effective to get an idea of all
the crud floating out there banging against your filters.
 
-Paul

-----Original Message-----
From: n gold [mailto:395cat_private]
Sent: Friday, August 24, 2001 2:13 PM
To: loganalysisat_private
Subject: [loganalysis] fwlogwatch feedback


I have been playing around with fwlogwatch
(cert.uni-stuttgart.de/projects/fwlogwatch) and wondered if anyone has had
experience with it.  In particular, I am curious about how it might perform
with log files on a log host other than the PIX logs, Cisco IOS logs, and so
on for which the tool was created.  Any one done any "tricks" with the tool
and care to share?
 
Thanks
n gold





CONFIDENTIALITY NOTICE

This message and any included attachments are from Cerner Corporation and are intended only for the addressee.  The information contained in this message is confidential and may constitute inside or non-public information under international, federal, or state securities laws and is intended only for the use of the addressee.  Unauthorized forwarding, printing, copying, distributing, or using such information is strictly prohibited and may be unlawful.  If you are not the addressee, please promptly delete this message and notify the sender of the delivery error by e-mail or you may call Cerner’s corporate offices in Kansas City, Missouri, U.S.A at (+1) (816) 221-1024.
------------------------------------------------------------------------

I've tried it out on a limited basis and have had good results with Cisco IOS output, but it doesn't seem to even detect my PIX logs, let alone report on them correctly. PIX 5.2. It's pretty effective to get an idea of all the crud floating out there banging against your filters.

-Paul

-----Original Message-----
From: n gold [mailto:395cat_private]
Sent: Friday, August 24, 2001 2:13 PM
To: loganalysisat_private
Subject: [loganalysis] fwlogwatch feedback

I have been playing around with fwlogwatch (cert.uni-stuttgart.de/projects/fwlogwatch) and wondered if anyone has had experience with it. In particular, I am curious about how it might perform with log files on a log host other than the PIX logs, Cisco IOS logs, and so on for which the tool was created. Any one done any "tricks" with the tool and care to share?

Thanks

n gold

--------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private

Next message: Boris Wesslowski: "RE: [loganalysis] fwlogwatch feedback"
Previous message: Jason Lewis: "RE: [loganalysis] stopping/starting swatchn"
Maybe in reply to: n gold: "[loganalysis] fwlogwatch feedback"
Next in thread: Boris Wesslowski: "RE: [loganalysis] fwlogwatch feedback"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Aug 27 2001 - 07:50:26 PDT