Solved

Cisco syslog analysis tool

Posted on 2009-05-04
4
4,065 Views
Last Modified: 2013-12-07
I am looking for some Cisco syslog analysis tool, software that will take a large amount of data and try to identify possible intrusion...

Any such software out there?
0
Comment
Question by:SPERTW
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 19

Expert Comment

by:nodisco
ID: 24301301
Hey

the kiwisyslog viewer and sawmill syslog viewer are both v good - try em out and see what you think

http://www.kiwisyslog.com/kiwi-log-viewer-overview/

http://www.sawmill.net/

cheers
0
 
LVL 32

Accepted Solution

by:
Kamran Arshad earned 250 total points
ID: 24301597
Hi,

If it is just a syslog manager then you can check out any of the below solutions;

Lire      www.logreport.org      Open-Source
Epylog Log Analyzer      linux.duke.edu/projects/epylog      Open-Source
SLAPS-2      www.openchannelfoundation.org      Open-Source
Sisyphus      www.cs.sandia.gov      Open-Source
LogHound      www.estpak.ee/%7Eristo      Open-Source
syslog-ng      www.balabit.com      Open-Source
SysLog Manager      www.theonesoftware.com      Propriety
WinSyslog      www.winsyslog.com      Propriety
syslog_manager      www.theonesoftware.com      Propriety
logserver      www.op5.com      Propriety
Syslog Watcher      www.snmpsoft.com      Propriety
tftpd3d      tftpd32.jounin.net      Propriety
Syslog Collector      www.loriotpro.com      Propriety
NetDecision LogVision      www.netmechanica.com      Propriety
KiwiSysLog      www.kiwisyslog.com      Propriety
SolarWinds      www.solarwinds.com      Propriety

But I feel that you are using pix firewall or something similar and you need more details. For that purpose you need a firewall analyzer. Below are good list;

Adventnet Firewall Analyzer      www.adventnet.com
FirePlotter      www.fireplotter.com
Sawmill      www.sawmill.net
AlgoSec Firewall Analyzer      www.algosec.com
WallWatcher      www.wallwatcher.com
Firewall Analyzer      www.kdware.com
0
 

Author Comment

by:SPERTW
ID: 24304859
Thanks for the reply!

You guys given me so many choices!

We would prefer a software vendor that will have support, which one would be a better choice?

thanks
0
 
LVL 3

Expert Comment

by:buckethead34
ID: 24306455
I use Kiwi Syslog and they have pretty decent support. They're newest beta version has a Web Interface that you can access as well to see the messages.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Load balancing is the method of dividing the total amount of work performed by one computer between two or more computers. Its aim is to get more work done in the same amount of time, ensuring that all the users get served faster.
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question