
List:       sidewinder
Subject:    RE: [Sidewinder] Audit logs
From:       sidewinder-admin () adeptech ! com
Date:       2003-03-31 19:36:06

Is there a similar mechanism for doing this in Sidewinder 5.1? There are a couple servers that have not been upgraded yet and I have no timeframe for when that will occur.

Nathan

-----Original Message-----
From: sidewinder-admin@adeptech.com
[mailto:sidewinder-admin@adeptech.com]
Sent: Monday, March 31, 2003 11:48 AM
To: sidewinder@adeptech.com
Subject: Re: [Sidewinder] Audit logs


Sidewinder also supports the Sidewinder Export Format, which is designed 
specifically for ease of machine processing.  Details of the format, and 
sample Perl and Python code for parsing it, can be found at

http://www.securecomputing.com/pdf/SEF-60.pdf

SEF was introduced with Sidewinder 5.2.  You configure it in auditd.conf 
(just look at the man page).  You can write it to a file, or stream it to 
a syslog server in real time.  On Sidewinder G2 6.0, you can also use the 
"cf export" command to automatically push timestamped audit files (in 
raw, WELF, or SEF format) to an FTP server automatically as they roll.

--On Monday, March 31, 2003 11:19 AM -0700 sidewinder-admin@adeptech.com 
wrote:

> I'm working on a project to move audit files from the
> sidewinder/firewall to another machine on the network and then putting
> the data in a format that is easily readable/parseable. I saw on an old
> post that Webtrends has a product that will read and display the
> information in a graphical format after it has been exported from the
> server into a WELF format. Does anyone else know of a way to do this
> without using Webtrends? I don't mind writing the code to parse the
> files and was thinking about putting them into a database so that the
> data will be searchable and analysis can be performed.
>
> Sincerely,
> Nathan L. Nash

_______________________________________________
Sidewinder mailing list
Sidewinder@adeptech.com
http://mail.adeptech.com/mailman/listinfo/sidewinder
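
The workflow asked about in the quoted message (parse exported WELF records and load them into a searchable database), as an added example that is not part of any message in this thread and is not the vendor's sample code. It assumes WELF's space-separated key=value layout with double-quoted values; the column names and sample lines are constructed.

```python
import re
import sqlite3

# One key=value token; the value is double-quoted (may hold spaces) or a bare run.
_PAIR = re.compile(r'(\w+)=(?:"([^"]*)"|(\S*))')

# Assumed field names for the table; unknown fields stay available in "raw".
COLUMNS = ("time", "fw", "pri", "proto", "src", "dst", "msg")

def parse_welf(line):
    """Return one WELF record as a dict of field name -> string value."""
    return {key: quoted or bare for key, quoted, bare in _PAIR.findall(line)}

def load(conn, lines):
    """Insert every parseable record into the audit table; return the count."""
    cols = ", ".join('"%s" TEXT' % c for c in COLUMNS)
    conn.execute("CREATE TABLE IF NOT EXISTS audit (%s, raw TEXT)" % cols)
    marks = ",".join("?" * (len(COLUMNS) + 1))
    loaded = 0
    for line in lines:
        line = line.strip()
        rec = parse_welf(line)
        if not rec:  # blank or non-WELF line
            continue
        conn.execute("INSERT INTO audit VALUES (%s)" % marks,
                     [rec.get(c) for c in COLUMNS] + [line])
        loaded += 1
    conn.commit()
    return loaded

def denied_by_source(conn):
    """Example analysis query: denied connections counted per source address."""
    return conn.execute(
        "SELECT src, COUNT(*) FROM audit WHERE msg LIKE 'denied%' "
        "GROUP BY src ORDER BY 2 DESC").fetchall()

# Constructed sample records (documentation addresses, not real audit data).
SAMPLE = [
    'id=firewall time="2003-03-31 11:19:02" fw=sw1 pri=6 proto=http src=192.0.2.10 dst=198.51.100.7 msg="connection allowed"',
    'id=firewall time="2003-03-31 11:19:05" fw=sw1 pri=4 proto=telnet src=192.0.2.44 dst=198.51.100.7 msg="denied by rule user=none"',
    '',
    'id=firewall time="2003-03-31 11:20:11" fw=sw1 pri=4 proto=telnet src=192.0.2.44 dst=198.51.100.9 msg="denied by rule"',
]

if __name__ == "__main__":
    conn = sqlite3.connect(":memory:")
    print(load(conn, SAMPLE), "records loaded")
    print(denied_by_source(conn))
```

The parameterised INSERT keeps attacker-influenced log fields (URLs, user names) from being interpreted as SQL when the audit data is loaded.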
