Take a look at www.webtends.com. Their Firewall/VPN Suite ca do "realtime" log retrieval of FW1 logs and create a html-page of it. Danny Kruitbosch RDC Datacentrum The Netherlands Mike Anning schreef: > Thanks to all that responded to this question, altough I'm afraid some may have > slightly missed the point :-) > > I would like for helpdesk and other support staff to be able to point their > browser to a specified address and be able to view the Firewall logs realtime > (from the inside only), without installing the Log Viewer software, thus without > the need for additional user accounts on the Firewall itself. > The majority of use on this particular Firewall is VPN so there are a multitude > of users connecting through and if they cannot get to where they need to get to > then the inital response from them and the support people is that there is a > problem with the Firewall!! Obviously this is rarely true as the users are > either entering incorrect credtentials or are simply not allowed to go where > they are trying to go. > > If support could quickly view the Logs through a browser it would save me a > whole heap of time and generally raise the awareness and confidence within the > support departments (It doesn't matter how many times I tell them something they > still don't get it! :-) > > Many thanks again > > Mike > > "Frost, Timothy E" <[EMAIL PROTECTED]> on 26/05/2000 00:17:55 > > To: "'Robert MacDonald'" <[EMAIL PROTECTED]>, Mike Anning/WEY/EU/CHEP@CHEP, > [EMAIL PROTECTED] > cc: > Subject: RE: [FW1] Log Viewer > > It is possible to give different people different rights. From table 7.1 on > page 225 of the version 4.0 Architecture and Administration manual: > Monitor-Only can access the log viewer and system status only > Read only can view, but not change, policy > User edit can modify user data (but presumably not the policy > and rulebase) > Read-Write Can do everything > > If Mike's helpdesk staff have Monitor-Only access, they can run the log > viewer and status monitor tools, but not the policy editor. > > Tim > > -- > Timothy Frost mailto:[EMAIL PROTECTED] > EDS New Zealand Fax: +64-4-495-0473 > 8 Gilmer Terrace Phone: +64-4-495-0504 > P O Box 3647 > Wellington > New Zealand > > > -----Original Message----- > > From: Robert MacDonald [SMTP:[EMAIL PROTECTED]] > > Sent: Friday, May 26, 2000 6:22 AM > > To: [EMAIL PROTECTED]; [EMAIL PROTECTED] > > Subject: Re: [FW1] Log Viewer > > > > > > For simple problem resolution, the logviewer is a good place to be(as long > > as the problem is being logged - hint, FW-1 <=v4.0 doesn't log policy > > properties). You see almost immediately, the successes and failures(both > > intended and not intended ;-) > > > > If what you want is after the fact short &/or long term problem analysis, > > look into something along the lines of WebTrends for Firewalls & > > VPNs(www.webtrends.com). It iwll create reports and put them into a very > > detailed HTML, among other formats(see examples on their site). These can > > also be scheduled. > > > > Like most logging, it's a reactive world. If you need something to tell > > you if your being 'attacked', then IDS's are the area closer to > > proactivity. > > > > Best of Luck! > > Robert > > > > - - > > Robert P. MacDonald, Network Engineer > > G o r d o n F o o d S e r v i c e > > Voice: +1.616.261.7987 email: [EMAIL PROTECTED] > > > > >>> "Mike Anning" <[EMAIL PROTECTED]> 5/25/00 1:27:53 PM >>> > > > > > >Does anyone know if there is an easy way for the Log Viewer, or the log > > at least > > >to be accessible to others. > > > > > >I'm thinking of allowing helpdesk type people to view the log so they can > > easily > > >diagnose simple problems. > > >I realise I could install the Log Viewer onto their systems with a Read > > Only > > >account, but I was wondering if anyone knows of a way to make the current > > log > > >available through a web browser. > > > > > >Any thoughts would be greatly appreciate > > > > > >Cheers > > > > > >Mike > > > > > > > > > > ========================================================================== > > ====== > > To unsubscribe from this mailing list, please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ========================================================================== > > ====== > > ================================================================================ > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================================================
begin:vcard n:Kruitbosch;Danny tel;work:+31(0)20 5497913 x-mozilla-html:FALSE url:www.rdc.nl org:RDC DataCentrum B.V.;Netwerk Ontwikkeling adr:;;Postbus 74707;Amsterdam;;1070 BS;Nederland version:2.1 email;internet:[EMAIL PROTECTED] x-mozilla-cpt:;0 fn:Danny Kruitbosch end:vcard
