I am looking to
forward syslog from all, or most, of our switches and routers to our central
syslog logging system(Solaris box). I would like for the Server Sensor on that
Solaris machine to look for certain security-related events form the
router/switch syslogs. Has anyone out there done this before? If so, what
specific events did you find important to look for in the Cisco
logs?
Eric S. Lewis
Technical Security Officer (Technical Team
Lead)
