[Dshield] Syslog realtime report builder

Hernandez, Moses MHernandez3 at mercymiami.org
Wed Mar 15 00:23:36 GMT 2006


Andrew, 
  Have you looked at Checkpoint Eventia? This will do Event Correlation
with your FW1/NG and other logging sources such as Syslog, Windows, etc.
Additionally, I don't know why I thought that some of the syslog
information can be pulled into Tracker; maybe I am confusing this with
Eventia, but it is worth a shot to do a scrub of the Checkpoint
Knowledgebase; maybe I will look at it.

FWIW what I have used in the past for syslogging is not the most
grandiose or the best but it does a fair job and that is the kiwi syslog
daemon located @ http://www.kiwisyslog.com/

Moses Hernandez, CISSP


-----Original Message-----
From: list-bounces at lists.dshield.org
[mailto:list-bounces at lists.dshield.org] On Behalf Of Andrew
Sent: Tuesday, March 14, 2006 5:03 PM
To: General DShield Discussion List
Subject: [Dshield] Syslog realtime report builder

Good afternoon,

Thanks in advance.

Summary:

Do any of you know of a quality syslog monitor that can
format/display/filter events in real time (or reasonably similar to real
time)?

Actual situation:

We use Checkpoint FW1/NG.  I am a fan of their logging client, now 
called, "Smartview Tracker".  We also have a SonicWall 3060 + Viewpoint 
which provides real time syslog events, the same information but not so 
handily colored, or easily filtered or sorted.  I would like to monitor 
these events and have format applied to them and end up with the 
'scroll' I like so much from Checkpoint. Suggestions?

Thanks again,

Andrew




