Re: PFLogging to Syslog

Thu, 22 Sep 2005 16:31:08 -0700

You could also try using Prelude. At heart, it's a Hybrid IDS/IPS, but can also be used to collect Syslogs from multiple servers and view them much like syslog-ng. 

SF

----Original Message Follows----
From: Qv6 <[EMAIL PROTECTED]>
To: "James Mackinnon" <[EMAIL PROTECTED]>
CC: misc@openbsd.org
Subject: Re: PFLogging to Syslog
Date: Tue, 20 Sep 2005 18:49:05 -0500
MIME-Version: 1.0
Received: from shear.ucar.edu ([192.43.244.163]) by mc3-f1.hotmail.com with Microsoft SMTPSVC(6.0.3790.211); Tue, 20 Sep 2005 16:55:29 -0700 Received: from openbsd.org (localhost.ucar.edu [127.0.0.1])by shear.ucar.edu (8.13.4/8.13.4) with ESMTP id j8KNpO7u015299for <[EMAIL PROTECTED]>; Tue, 20 Sep 2005 17:53:15 -0600 (MDT) Received: from rwcrmhc12.comcast.net (rwcrmhc13.comcast.net [204.127.198.39])by shear.ucar.edu (8.13.4/8.13.3) with ESMTP id j8KNoksl003313for <misc@openbsd.org>; Tue, 20 Sep 2005 17:50:49 -0600 (MDT) Received: from [192.168.2.3] (c-24-0-124-104.hsd1.tx.comcast.net[24.0.124.104])by comcast.net (rwcrmhc13) with ESMTP id <200509202350280150048mjte>; Tue, 20 Sep 2005 23:50:33 +0000 
X-Message-Info: JGTYoYF78jHmhlHRrThTN1PWK1L4XR7MhEgDfoyRWJQ=
User-Agent: KMail/1.7.2
References: <[EMAIL PROTECTED]>
X-Loop: misc@openbsd.org
Precedence: list
Return-Path: [EMAIL PROTECTED]
X-OriginalArrivalTime: 20 Sep 2005 23:55:29.0383 (UTC) FILETIME=[C779DF70:01C5BE3E] 

On Tuesday 20 September 2005 08:43 am, James Mackinnon wrote:
> Good day everyone
>
> I have 20+ OpenBSD firewalls setup across Canada and I wanted to
> bring the logs to a central server so I can make them web enabled so
> I can view them in a web app

>
> Is there a better technique I should be using for 20+ firewalls
> logging to a central server and then what web app would you recommend
> so I could look at the logs in some type of non-console view
>
> Any suggestions and recommendations would be great as I would like to
> get this right the first time:)
>

I use syslog-ng to set up a log server, with each remote log client
logging to a file correspong to its hostname, and set up Webmin on the
log server. Reading the logs is just a matter of logging into Webmin
and reading any log file I choose.
This has the added bonus that you can read the logs from anywhere -
securely

Reply via email to