That got your attention didn't it? I know this is a lengthy subject, because I
was reading through the other thread titled "parsing logs ultra-fast inline".

Is there a "logwatch" equivalent that reports on PIX v7.x logs (not v6)?
Logwatch (http://freshmeat.net/projects/logwatch/) is just so simple, and does
some reporting on syslog files.

I just have one PIX device to worry about. Should I just come up with a list
of include/exclude regexps instead of trying to find some tool? Should I
collect iptables logs too?

I'm probably missing the bigger picture of network security reporting. Your
experience and helpful tips are appreciated. :-)


[See Also]
http://www.ciscopress.com/articles/a...&seqNum=4&rl=1
http://www.eventid.net/firewalls/MostPopularReports.asp
http://fwlogwatch.inside-security.de (pix v6 parser)
http://freshmeat.net/projects/logrep/
http://freshmeat.net/projects/pixla/ (what version is this for?)

-Vahid

=============================================
"Make it better before you make it faster."
=============================================
_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailma...rewall-wizards