Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Cisco syslog analysis tool

Posted on 2009-05-04
4
Medium Priority
?
4,294 Views
Last Modified: 2013-12-07
I am looking for some Cisco syslog analysis tool, software that will take a large amount of data and try to identify possible intrusion...

Any such software out there?
0
Comment
Question by:SPERTW
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 19

Expert Comment

by:nodisco
ID: 24301301
Hey

the kiwisyslog viewer and sawmill syslog viewer are both v good - try em out and see what you think

http://www.kiwisyslog.com/kiwi-log-viewer-overview/

http://www.sawmill.net/

cheers
0
 
LVL 32

Accepted Solution

by:
Kamran Arshad earned 1000 total points
ID: 24301597
Hi,

If it is just a syslog manager then you can check out any of the below solutions;

Lire      www.logreport.org      Open-Source
Epylog Log Analyzer      linux.duke.edu/projects/epylog      Open-Source
SLAPS-2      www.openchannelfoundation.org      Open-Source
Sisyphus      www.cs.sandia.gov      Open-Source
LogHound      www.estpak.ee/%7Eristo      Open-Source
syslog-ng      www.balabit.com      Open-Source
SysLog Manager      www.theonesoftware.com      Propriety
WinSyslog      www.winsyslog.com      Propriety
syslog_manager      www.theonesoftware.com      Propriety
logserver      www.op5.com      Propriety
Syslog Watcher      www.snmpsoft.com      Propriety
tftpd3d      tftpd32.jounin.net      Propriety
Syslog Collector      www.loriotpro.com      Propriety
NetDecision LogVision      www.netmechanica.com      Propriety
KiwiSysLog      www.kiwisyslog.com      Propriety
SolarWinds      www.solarwinds.com      Propriety

But I feel that you are using pix firewall or something similar and you need more details. For that purpose you need a firewall analyzer. Below are good list;

Adventnet Firewall Analyzer      www.adventnet.com
FirePlotter      www.fireplotter.com
Sawmill      www.sawmill.net
AlgoSec Firewall Analyzer      www.algosec.com
WallWatcher      www.wallwatcher.com
Firewall Analyzer      www.kdware.com
0
 

Author Comment

by:SPERTW
ID: 24304859
Thanks for the reply!

You guys given me so many choices!

We would prefer a software vendor that will have support, which one would be a better choice?

thanks
0
 
LVL 3

Expert Comment

by:buckethead34
ID: 24306455
I use Kiwi Syslog and they have pretty decent support. They're newest beta version has a Web Interface that you can access as well to see the messages.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
As managed cloud service providers, we often get asked to intervene when cloud deployments go awry. Attracted by apparent ease-of-use, flexibility and low computing costs, companies quickly adopt leading public cloud platforms such as Amazon Web Ser…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question