?
Solved

Recommendation for a SysLog Server for use with Sonicwall TZ 200

Posted on 2011-09-09
6
Medium Priority
?
1,968 Views
Last Modified: 2012-05-12
I am looking for a recommendation for a syslog server for use with a sonicwall TZ 200 appliance.  Something readily easy to use search capability.  One of our techs has used the Kiwi SysLog server in the past.  I suspect this isn't even much of an issue, but thought I'd ask.
0
Comment
Question by:conlin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 33

Accepted Solution

by:
digitap earned 750 total points
ID: 36513116
If you are licensed, I'd recommend Sonicwall's ViewPoint software. Nothing else is going to get you the summarized reports for every aspect of the sonicwall like ViewPoint. If you've purchased into some of the licensing on your sonicwall appliance, then you may already have a license for it. Go to Security Services > Status and you should see if you are licensed for it or not.
0
 
LVL 6

Expert Comment

by:nativevlan
ID: 36513374
KiwiSyslog is really basic and does its job, also free. Lacking somewhat in searches and getting a good graphical representation of a timeline of events. If you have the budget I opt for Splunk, better search and much better interface. My $.02.
0
 
LVL 33

Expert Comment

by:MikeKane
ID: 36513479
I use any linux host running rsyslog and LogAnalyzer.     All opensource.  

I guess this depends lot upon any specific needs you have....  

0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 

Author Comment

by:conlin
ID: 36513587
As part of becoming HIPPA and PCI compliant we are required to save the logs and be able to search across them.  To what detail level I don't know yet.  Our experience with Kiwi was very limited.  Same with ViewPoint.  I guess what is important is that we are able to utilize/search across all the data coming out of the sonicwall.  Viewpoint makes sense in that regard since it is a Sonicwall product.  Just want to know if there are other, better options.
0
 
LVL 33

Assisted Solution

by:digitap
digitap earned 750 total points
ID: 36513743
In my experience, almost right out of the gate, ViewPoint gives you all that information without a lot of up front configurations. I've setup several of those servers so if you need any direction there, myself and others here can give you great direction.
0
 

Author Closing Comment

by:conlin
ID: 36531406
Since we have not made a final decision nor have yet implemented any product, it becomes difficult to definitively grade the accuracy of the responses.  That said, we currently feel ViewPoint becomes the sensable first product to implement to see how well it fits with our needs.  Thanks to all who recommended various products.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this tutorial I will show you with short command examples how to obtain a packet footprint of all traffic flowing thru your Juniper device running ScreenOS. I do not know the exact firmware requirement, but I think the fprofile command is availab…
A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question