RE: What are the best open source cisco pix log analyzers?

["Robertson, Seth (JSC-IM)" <Seth.Robertson-1 () nasa gov>]

Good luck, I'm afraid there basically aren't any.  There is the Honeynet
Security Console and a Perl script called FISQ which is used to import
log data into the HSC database, but I didn't have much luck with it.
For example, the name of the table my firewall data was stored in was
longer than 16 characters, which violated an undocumented requirement
for HSC to be able read data from it.  A cheap alternative is FireGen,
which runs about $200.  It produces pretty good reports, but isn't
customizable.

BTW, there's a firewalls () securityfocus com mailing list which you would
probably have better success with.


Seth Robertson


-----Original Message-----
From: pine () menow com [mailto:pine () menow com] 
Sent: Tuesday, June 13, 2006 12:53 PM
To: focus-ids () securityfocus com
Subject: What are the best open source cisco pix log analyzers?

Hello, everyone .



I am looking for the best open source log analyzers or parsers for Cisco
PIX.



Please recommend.



I found these

http://fwlogwatch.inside-security.de/

http://www.wallfire.org/wflogs/

I don't think they are the best of the available



Thanks a lọt


------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------