Security Basics mailing list archives
Re: Tools to Analyse Logs in Checkpoint NG
From: c_brauckmiller () LEK COM
Date: Wed, 21 May 2003 12:17:14 -0400
There is one package called Sawmill that claims to examine logs from CheckPoint. I never had much luck with it... but you may have more luck. The only downside is that you have to export the logs to a file before Sawmill will be able to use them.

WebTrends sells a REALLY nice package for about $2500 that will analyze the hell out of the logs. Their product will connect live to the firewall and examine them on the fly with no need to export the logs. I say spend the money and get that one, especially for multiple firewalls.

Good luck and let us know what you find.

Craig Brauckmiller

E P <enda.purcell () cw com> on 05/21/2003 09:29:09 AM
To: security-basics () securityfocus com
cc: (bcc: Craig Brauckmiller/LEK)
Subject: Tools to Analyse Logs in Checkpoint NG

Hi all,

I am wondering if anybody has come across any scripting tools or a good freeware package that can be used to analyse Checkpoint NG Firewall log files. I'm faced with the task that I have several firewalls that I wish to produce reports on: things like attack info from Smartdefence, attacks, usage, top talkers and all that fancy stuff.

Hopefully someone may have come across something that could be used or easily modified to perform this, rather than having to write my own scripts. I have looked in brief at WebTrends and I don't feel that it is granular enough for what I want.

Thanks