I'm not sure if you're into programming, but with a little PHP you could replace your stock syslog daemon with a custom program engineered to receive events from your Cisco device and put them in a MySQL db. From there you can do whatever analysis you want since you're controlling what's logged and how it's formatted. Just a thought.
Geoff
Sent from my BlackBerry wireless handheld.
-----Original Message-----
From: "Milind Nanal" <
milindn@...>
Date: Fri, 7 Sep 2007 19:15:26
To:<
security-basics@...>
Cc:<
firewalls@...>
Subject: Cisco ASA firewall log analyzer
Hi,
I am looking for Cisco ASA 5500 syslog log analyzer. Any free or open source
tool is my first preference. The firewall is logging event on syslog daemon.
Analyzing the logged events are much difficult as compare to Microsoft ISA
firewall server. Which gives me facility to check Internet usage per user or
applications or source / destination or service ports.
Quick response is highly appreciated.
Regards,
Milind Nanal
