|
|
|
|
|
|
|
|
 |
 |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] FW-1 Logs
Hi Paul, Thanks for taking the time to reply. Yes, I have read this Resolution, and as I hinted in my original mail, this is exactly what I did when I had the Management station on the Nokia platforms. The problem is that I have now migrated the Management station to NT (arguably the best platfom for the graphics used by the CheckPoint system) as I have multiple Nokias to manage. Once you do this the logs are grabbed by the master station and recorded ON the Management Station platform (NT). This means that I no longer have an equivalent function to the Unix "logger" (thank you Microsoft !) with which to route the log data to a "standard" syslog daemon. We run "Cisco Works for Windows" on a central management station (we are predominantly Cisco with dozens of routers and PIX firewalls) and need to collect all data there to enable central network monitoring. Since Cisco cannot interpret the FW-1 logs in their native form, I use the "fw log" comand to generate textual output and the "logger" client to send it over port 514 to CWW. I realise that I could run multiple management stations (CLM - log-only CheckPoint stations) and ship the log data around in its native form, but we are too far down the road with the Cisco kit to change now, so I must find a text-based solution using the "fw log" output for preference. The best I have come up with so far is to generate the log data on the NT station with "at" running ".bat" scripts and then ftp the results to CWW. This has many draw-backs though ; what I really need is a small syslog client for NT. I know a little "C" but just do not have time to write one, so I was hoping there would be a proprietary solution out there................ If you can help further, please don't hesitate ! Cheers, Gordon ________________________________________________________________________________________ >From Paul Toyne <[email protected]> on 11 December 2001 16:31:58 To : [email protected] Subject : Re: [FW-1] FW-1 Logs Gordon wrote: > I am pretty sure that I now need an independent syslog client on my > distributed Management Station (WinNT) to emulate the same thing. > If you know better (or know of such a client) please get back to me. Go to Nokias support website (http://support.nokia.com/), and register if you already haven't done so. When you log in, go the the Knowlege Base link (on the right hand side), then in the new window put 1315 in the Resolution ID and click Search. It looks like this explains how to send Firewall-1 logs from the Nokia to a syslog server. Paul Toyne Security / Network Management, ISAS De Montfort University, The Gateway, Leicester LE1 9BH ENGLAND ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= If you have any questions on how to change your subscription options, email Ron Alcatraz at: [email protected] ================================================= ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= If you have any questions on how to change your subscription options, email Ron Alcatraz at: [email protected] =================================================
|
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
