[prev in list] [next in list] [prev in thread] [next in thread] 

List:       sidewinder
Subject:    AW: [Sidewinder] FTP Of Log Files - Try 2
From:       sidewinder-admin () adeptech ! com
Date:       2004-04-06 14:13:08
Message-ID: 200404071253.i37Crd512775 () aag ! adeptech ! com
[Download RAW message or body]

Richard,

if the problem is to schedule FTP, then you might find the following helpful. If the \
problem comes along with filenames being different every day, I suggest you could use \
mput instead of put along with filenames containing wildcards and do a ftp -i  to \
suppress confirmations like "do you really want to ...? (y,n) . If you cant figure \
out which file to get - get them all.  By modifying /etc/sidewinder/rollaudit.conf  \
you can control how many generations of log files Sidewinder should keep. Setting \
these values to "1" you should get a single file even using wildcards. 




Guess the ip-address of your internal ftp-server is 10.0.0.1

1. With Sidewinder 5.* you already got a script ( /root/watcher) which is scheduled \
on a daily base via crontab Add the following line there
ftp 10.0.0.1 
just above the exit 0 line

2. Create a file /root/.netrc and make sure a" ls -aly " looks like
-rw------- .......... Admn:file .netrc
Here is what " .netrc " should contain

machine 10.0.0.1
login >>put valid username at ftp-server here <<
password >> valid password<<
macdef init
binary
put /var/log/audit.raw.0.gz audit_raw_0.gz    - or whatever you want to transfer      \
 close
bye
 
This way you get "the keystrokes automated" you normally enter at the ftp-client  to \
get a file transferred (for details please refer to the ftp manpages)

Hope that helps !

Sincerly

Dieter Rieken
ITEBO GmbH


-----Ursprüngliche Nachricht-----
Von: sidewinder-admin@adeptech.com
[mailto:sidewinder-admin@adeptech.com]
Gesendet: Montag, 5. April 2004 14:10
An: sidewinder@adeptech.com
Betreff: [Sidewinder] FTP Of Log Files - Try 2


In the next few months we will be converting from 5.2.1.0.9 to 6.1.

According to the classes and documentation the main log files will be named like the \
export data report files with date and time rather than audit.raw.X.gz.

We are looking into making the firewalls as sacrificial as possible by looking into \
ways for the sidewinders to FTP the log files to an internal server on a daily basis. \
This would be the audit.raw logs, maillogs, daemon.log files, etc.

Does anyone currently do this and if so, how did you set this up? What are your \
thoughts, does it work well?

Richard St. John
Graybar Electric Company



_______________________________________________
Sidewinder mailing list
Sidewinder@adeptech.com
http://mail.adeptech.com/mailman/listinfo/sidewinder

_______________________________________________
Sidewinder mailing list
Sidewinder@adeptech.com
http://mail.adeptech.com/mailman/listinfo/sidewinder


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic