> --------------------- Attention -----------------------------
> Online GNAT Box User Forum is Now Open
> Click the Register link and sign up today
> http://www.gnatbox.com/cgi-bin/Ultimate.cgi
> -------------------------------------------------------------
> Send postings to: [EMAIL PROTECTED]
> Access the list archives at: http://www.gnatbox.com/gb-users/
> -------------------------------------------------------------
>
> My experience with syslog loggers has so far not been terribly successful.
> I'm wondering if either it isn't the right solution to my needs or if it's
> just that I haven't found the right logger yet.
>
> Here are some of my observations and what I would like to see / do:
>
> Syslog files get way too big too fast. Text editors are too cumbersome to
> use with the large files. Configuring for a new file each day results in an
> unwieldy file. Setting size limits per file results in too many files to sift
> through for a given day. Seems like there should be a better way to store and
> examine this information.
>
> Kiwi was suggested on the list some time back. Its line scrolling routines
> must be atrocious as it can't keep up with the incoming data. If this condition
> is left to continue, it becomes difficult to regain control of the Kiwi process
> to stop the display. Real time displaying of data seems to be a common problem
> for loggers.
>
> I'd like to be able to set up criteria for logging where specified addresses or
> port numbers are flagged or saved to a separate file.
>
> Automatic disk space management so I wouldn't have to delete files or face
> running the logging system out of space.
>
> Real time display of statistics rather than raw data.
>
> I'm sure I have a few more "needs", but this should do for a start.
>
> Any comments?
>
> TIA,
> Mike Benedict
>
Mike:

You might want to try Netal's 60 day trialware SL4NT (Syslog for NT/2000), that is if you are using NT or 2000. It requires that you be using Microsoft Management Console (MMC), as SL4NT runs as a snap-in.

I have not explored all the possibilities of SL4NT but I can have f/w attack events log directly to a Telnet window, and log them to a file at the same time (via SL4NT).

Support for the product is by Franz Krainer (the Author) on his newsgroup listings or by email. Those addresses and the prog can be found at http://www.netal.com.

I cannot compare to the functionality offered by the Kiwi product, as I found SL4NT more than sufficient for my needs! I think it is worth a look for you.

HTH,

Regards,

Bart Nikota
Vice President, Technical Services
Nikad Interactive Solutions Inc.
1300, 410-22nd Street East
Saskatoon, SK Canada S7K 5T6
Bus. 1-306 652-1194
Fax. 1-306 934-3144
Email: [EMAIL PROTECTED]
Web: http://www.nikad.sk.ca

===========================
