 
 From:  <pmok at optushome dot com dot au>
 To:  "Brett Krueger" <sigterm at rootednetworks dot com>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] Logging
 Date:  Sun, 16 Jan 2005 13:53:26 +1100
Agreed...You can use Linux or BSD boxes to act as
log servers, as well as Windows (if you wish). I've
tried all three, they work perfectly fine with M0n0Wall.

In fact, I have two M0n0Wall boxes on the same
LAN connected to 2 different Cable ISPs. Both can
send their logs to my Linux PC simultaneously.

On Windows, you can try a free (but very limited)
3Com app called 3CSyslog OR search in google.com
for => Syslog Windows

There's at least another I know that's free (another
limited feature one) but if you want full or more features,
you need to pay. I think it's called KiwiSyslog.

Do a little "Googling" and you'll find what you need.

Regards
-Stmok


----- Original Message ----- 
From: "Brett Krueger" <sigterm at rootednetworks dot com>
Cc: <m0n0wall at lists dot m0n0 dot ch>
Sent: Sunday, January 16, 2005 8:00 AM
Subject: Re: [m0n0wall] Logging


> Jason:
> if you have some sort of nix box, you can use the default syslogd
> usually receive events from m0n0wall.  ie) set your m0n0wall config to
> forward syslogd events,
> http://m0n0wall_ip/diag_logs_settings.php
>
> check off the "Enable syslog'ing to remote server"
> enter its ip address
> check what you would like to be logged.
> ie) firewall events... possibly system events.
>
> configure syslogd on your remote syslogd box to receive m0n0wall
> requests. on linux: syslogd -m 0 -r
>
> restart syslogd. bingo.... you're logging to a remote server.
>
> if you want to curve it even more you can always "tail" your logfile
> with grep statements i suppose.
> ie) tail -F /var/log/m0n0wall |grep ipmon
>
> hope that's what you need.
>
> -brett
> Jason wrote:
> > Anyone have any suggestions on syslog software to look for firewall
> > hits.  I guess I'm just looking for something that will let me know of
> > anything major attacks the firewall.
> >
>
>
> -- 
> << sigterm >>
> Brett Krueger
> sigterm at rootednetworks dot com
> Administrator
> High Speed Unix Hosting/Shell Services and Consulting.
> http://www.rootednetworks.com
>
>
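
As an added example (not part of either message in this thread), the `tail ... | grep ipmon` filter described above can be taken one step further by counting blocked packets per source address in the file the remote syslogd writes. The ipmon line layout, the sample lines and the function names `sample_log` and `ipmon_top_blocked` are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): count blocked packets per source
# address in ipmon lines received by a remote syslogd.
# Assumed line layout after the syslog header:
#   ipmon[pid]: time [Nx] iface @group:rule action src[,port] -> dst[,port] PR proto ...
# where action "b" means blocked and "Nx" is a repeat count.

# Constructed sample input; addresses are documentation ranges.
sample_log() {
    cat <<'EOF'
Jan 16 13:50:01 192.168.1.1 ipmon[84]: 13:50:00.651721 sis1 @0:19 b 203.0.113.9,4021 -> 198.51.100.2,445 PR tcp len 20 48 -S IN
Jan 16 13:50:02 192.168.1.1 ipmon[84]: 13:50:01.100200 2x sis1 @0:19 b 203.0.113.9,4022 -> 198.51.100.2,139 PR tcp len 20 48 -S IN
Jan 16 13:50:03 192.168.1.1 ipmon[84]: 13:50:02.000001 sis1 @0:19 b 192.0.2.77 -> 198.51.100.2 PR icmp len 20 84 icmp echo/0 IN
Jan 16 13:50:04 192.168.1.1 ipmon[84]: 13:50:03.500000 sis0 @0:3 p 192.168.1.20,51000 -> 192.0.2.80,80 PR tcp len 20 60 -S IN
Jan 16 13:50:05 192.168.1.1 dnsmasq[90]: reading /etc/resolv.conf
EOF
}

# ipmon_top_blocked [THRESHOLD] < logfile
# Prints "count source" for every source with at least THRESHOLD blocked
# packets, busiest first. THRESHOLD defaults to 3.
ipmon_top_blocked() {
    awk -v min="${1:-3}" '
        /ipmon/ {
            # Find the "->" token: source is just before it, action before that.
            for (i = 2; i <= NF; i++) if ($i == "->") break
            if (i > NF || i < 4) next           # not a packet line
            if ($(i - 2) != "b") next           # keep blocked packets only
            src = $(i - 1); sub(/,.*/, "", src) # drop ",port" (absent for ICMP)
            n = 1
            # A repeat count such as "2x" may precede the interface name.
            for (j = 1; j < i - 2; j++) if ($j ~ /^[0-9]+x$/) n = $j + 0
            hits[src] += n
        }
        END { for (s in hits) if (hits[s] >= min) print hits[s], s }
    ' | sort -k1,1nr -k2,2
}

# Demo on the constructed sample; prints: 3 203.0.113.9
sample_log | ipmon_top_blocked 3
```

Against a real log the function reads standard input, for example `ipmon_top_blocked 20 < /var/log/m0n0wall`, using the log path from the quoted message.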