• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1376
  • Last Modified:

Help with PIX, Syslog, KIWI

I have a pix firewall 501.  I need to parse the syslog files into something I can use with crystal reports.  So in essence I need date, time, source ip, destination ip (or url),

I have been playing with kiwi but have not been able to get it to work as I am sure of all the steps involved.  
Need help in steps (like setup custome file format, then setup output file, then ....) in getting this working.

Also need help (I believe) in getting a custom script in kiwi to output above.  

Thanks for your help and guidance.

  • 2
1 Solution
Tim HolmanCommented:
You've managed to setup syslog to send data from PIX to Kiwi ?
This shows you how:


Now...  as for file formats, I wouldn't bother messing around with them, but get a product that understands PIX syslog files - like eiqFirewallAnalyzer http://www.eiqnetworks.com/products/securityanalytics.shtml, or Network Intelligence (super-capable SYSLOG server), or SawMill http://www.sawmill.net/formats/PIX_Firewall_Syslog_Server_Format.html or A.N.Other - there are plenty around !!

terryhdbaileyAuthor Commented:
Does Sawmill also capture the syslog  or does it have to be captured with something else?

Yes I have the pix 501 sending me syslog messages now.  udp port 514.

thanks terry
Tim HolmanCommented:
It's a log file analyser, so you do need a syslog server at some stage to generate the logs for Sawmill to analyse.
Here's another reasonable log analysis tool:


The intergrated syslog servers / log analyzers tend to cost a LOT more !!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now