[Snort-users] Pix Logsnorter and ACID

Chris Ehlers Chris.Ehlers at ...6780...
Wed Sep 4 09:17:08 EDT 2002


Hi All

I recently installed logsnorter and ACID with the intent to interpret PIX
firewall logs.  After I got everything working I found an link to Neohapsis
where Jason Haar (logsnorter author) says that logsnorter does not support
PIX logs. Included is an extract of a mail he sent to me:

On Mon, Sep 02, 2002 at 07:49:42PM +0100, Chris Ehlers wrote:
> Hi Jason
> 
> Just to clarify a matter,  does logsnorter support pix

No it doesn't. I've given up on it anyway. I've found there's enough things
being reported in snort that I don't need to report all the things seen by
routers/etc.

Too much information is as bad as too little sometimes...

-- 
Cheers

Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1

Why does http://www.andrew.cmu.edu/~rdanyliw/snort/snortacid.html say that
logsnorter does support PIX log format?  Did somebody do extra work on the
code to include pix?  Is there any other open source apps that does support
pix logs?

Any help on this matter will be much appreciated.

Kind Regards


Christiaan Ehlers
Network Specialist
Mosaic UK
40 The Strand, London, WC2N 5HZ
Direct Dial: 0870 736 8741
Fax: 0870 7368822
Email: chris.ehlers at ...6778...
www.mosaic.com

Real Solutions. Real Results





More information about the Snort-users mailing list