[prev in list] [next in list] [prev in thread] [next in thread]
List: sidewinder
Subject: AW: [Sidewinder] FTP Of Log Files - Try 2
From: sidewinder-admin () adeptech ! com
Date: 2004-04-06 14:13:08
Message-ID: 200404071253.i37Crd512775 () aag ! adeptech ! com
[Download RAW message or body]
Richard,
if the problem is to schedule FTP, then you might find the following helpful. If the \
problem comes along with filenames being different every day, I suggest you could use \
mput instead of put along with filenames containing wildcards and do a ftp -i to \
suppress confirmations like "do you really want to ...? (y,n) . If you cant figure \
out which file to get - get them all. By modifying /etc/sidewinder/rollaudit.conf \
you can control how many generations of log files Sidewinder should keep. Setting \
these values to "1" you should get a single file even using wildcards.
Guess the ip-address of your internal ftp-server is 10.0.0.1
1. With Sidewinder 5.* you already got a script ( /root/watcher) which is scheduled \
on a daily base via crontab Add the following line there
ftp 10.0.0.1
just above the exit 0 line
2. Create a file /root/.netrc and make sure a" ls -aly " looks like
-rw------- .......... Admn:file .netrc
Here is what " .netrc " should contain
machine 10.0.0.1
login >>put valid username at ftp-server here <<
password >> valid password<<
macdef init
binary
put /var/log/audit.raw.0.gz audit_raw_0.gz - or whatever you want to transfer \
close
bye
This way you get "the keystrokes automated" you normally enter at the ftp-client to \
get a file transferred (for details please refer to the ftp manpages)
Hope that helps !
Sincerly
Dieter Rieken
ITEBO GmbH
-----Ursprüngliche Nachricht-----
Von: sidewinder-admin@adeptech.com
[mailto:sidewinder-admin@adeptech.com]
Gesendet: Montag, 5. April 2004 14:10
An: sidewinder@adeptech.com
Betreff: [Sidewinder] FTP Of Log Files - Try 2
In the next few months we will be converting from 5.2.1.0.9 to 6.1.
According to the classes and documentation the main log files will be named like the \
export data report files with date and time rather than audit.raw.X.gz.
We are looking into making the firewalls as sacrificial as possible by looking into \
ways for the sidewinders to FTP the log files to an internal server on a daily basis. \
This would be the audit.raw logs, maillogs, daemon.log files, etc.
Does anyone currently do this and if so, how did you set this up? What are your \
thoughts, does it work well?
Richard St. John
Graybar Electric Company
_______________________________________________
Sidewinder mailing list
Sidewinder@adeptech.com
http://mail.adeptech.com/mailman/listinfo/sidewinder
_______________________________________________
Sidewinder mailing list
Sidewinder@adeptech.com
http://mail.adeptech.com/mailman/listinfo/sidewinder
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic