what's the best way to monitor the security logs of a PIX firewall?

I need to monitor a PIX firewall for any attempts to hack into our system, etc.  Mostly, just basic monitoring of the firewall to make sure that security is not breached.  Does anyone know of a good solution for doing this, preferably freeware?  I am relatively savvy with Cisco routers, but haven't dealt much with the PIX.  I would prefer something that integrates easily, has easy to read reports, and doesn't require much configuration of the firewall, on my part.  I know that I'm basically asking for a Cadillac for free, but maybe someone has some ideas.  My company is going through Sarbanes-Oxley auditing and I need to come up with some ideas relatively quickly.  Thanks in advance.
rhouston0872Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

lrmooreCommented:
Easy enough to setup syslogging on the PIX to an inside host.
Then layer on any of several third pary syslot analysis packages:
http://www.surfstats.com/ciscopix_isa.asp  <== not free, but relatively inexpensive

Sawmill is another great option. Free for 30 days, and you might even qualify to keep using it for free:
http://www.sawmill.net/formats/PIX_Firewall_Syslog_Server_Format.html

Free Kiwi syslogger
http://www.kiwisyslog.com/info_syslog.htm

0
rhouston0872Author Commented:
Do you know where some directions are that would show me how to set up syslogging on the PIX?
0
lrmooreCommented:
Sure:
http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_command_reference_chapter09186a008010578b.html#wp1028090

Pretty simple, really:
   logging on
   logging host <ip address>
   logging trap informational

0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

rhouston0872Author Commented:
Just one more question, if I may.  With this sort of logging, how is performance affected?
0
lrmooreCommented:
Performance of the PIX is not affected at all.
Once you begin monitoring your logs, you can start pruning certain type messages out so that your log becomes more managable...

0
lrmooreCommented:
Beware, though, that will this level of logging, depending on how many people you have using it, your log can grow to over 1GB per day! The logging host is the one that I would worry about performance on..

0
rhouston0872Author Commented:
Okay, thanks for your help.  It's much appreciated.
0
rhouston0872Author Commented:
I'm new to this, so I'm trying to figure out how to assign points.  Give me a minute.
0
lrmooreCommented:
Not a problem. Simply choose the "Accept" button on any comment..

Thanks!
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Routers

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.