[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] FW-1 Logs
We've had some success with Winsyslog, at http://www.WinSyslog.com >>> [email protected] 12/13/01 12:34PM >>> Gordon, I haven't found any direct syslog clients in the win32 world either. I have found a few developer aids. www.activelogger.com is an activex control that you can use in wsh, vb, ASP etc. I did at one point have a few links to syslog DLLs that you can call. If you are interested, I'll try and dig those up... Arron_________________________________________________ Arron King Network & Systems Administrator Ohio Dominican College [email protected] http:\\www.odc.edu\~kinga -----Original Message----- From: Gordon Webber [mailto:[email protected]] Sent: Thursday, December 13, 2001 4:17 AM To: [email protected] Subject: Re: [FW-1] FW-1 Logs Hi Paul, Thanks for taking the time to reply. Yes, I have read this Resolution, and as I hinted in my original mail, this is exactly what I did when I had the Management station on the Nokia platforms. The problem is that I have now migrated the Management station to NT (arguably the best platfom for the graphics used by the CheckPoint system) as I have multiple Nokias to manage. Once you do this the logs are grabbed by the master station and recorded ON the Management Station platform (NT). This means that I no longer have an equivalent function to the Unix "logger" (thank you Microsoft !) with which to route the log data to a "standard" syslog daemon. We run "Cisco Works for Windows" on a central management station (we are predominantly Cisco with dozens of routers and PIX firewalls) and need to collect all data there to enable central network monitoring. Since Cisco cannot interpret the FW-1 logs in their native form, I use the "fw log" comand to generate textual output and the "logger" client to send it over port 514 to CWW. I realise that I could run multiple management stations (CLM - log-only CheckPoint stations) and ship the log data around in its native form, but we are too far down the road with the Cisco kit to change now, so I must find a text-based solution using the "fw log" output for preference. The best I have come up with so far is to generate the log data on the NT station with "at" running ".bat" scripts and then ftp the results to CWW. This has many draw-backs though ; what I really need is a small syslog client for NT. I know a little "C" but just do not have time to write one, so I was hoping there would be a proprietary solution out there................ If you can help further, please don't hesitate ! Cheers, Gordon ____________________________________________________________________________ ____________ >From Paul Toyne <[email protected]> on 11 December 2001 16:31:58 To : [email protected] Subject : Re: [FW-1] FW-1 Logs Gordon wrote: > I am pretty sure that I now need an independent syslog client on my > distributed Management Station (WinNT) to emulate the same thing. > If you know better (or know of such a client) please get back to me. Go to Nokias support website (http://support.nokia.com/), and register if you already haven't done so. When you log in, go the the Knowlege Base link (on the right hand side), then in the new window put 1315 in the Resolution ID and click Search. It looks like this explains how to send Firewall-1 logs from the Nokia to a syslog server. Paul Toyne Security / Network Management, ISAS De Montfort University, The Gateway, Leicester LE1 9BH ENGLAND ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= If you have any questions on how to change your subscription options, email Ron Alcatraz at: [email protected] ================================================= ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= If you have any questions on how to change your subscription options, email Ron Alcatraz at: [email protected] ================================================= ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= If you have any questions on how to change your subscription options, email Ron Alcatraz at: [email protected] ================================================= ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= If you have any questions on how to change your subscription options, email Ron Alcatraz at: [email protected] =================================================
|