Volume SYSLOG JUNCTION. User s Guide. User s Guide



Similar documents
Installation and Configuration Guide

Enterprise Manager. Version 6.2. Installation Guide

Installation and Deployment

Cyclope Internet Filtering Proxy

ITA Mail Archive Setup Guide

freesshd SFTP Server on Windows

Spam Marshall SpamWall Step-by-Step Installation Guide for Exchange 5.5

WorldExtend IronDoor 3.5 Publishing a Terminal Services Application

SysAidTM Freeware Installation Guide

Where can I install GFI EventsManager on my network?

Multi-Homing Dual WAN Firewall Router

Firewall VPN Router. Quick Installation Guide M73-APO09-380

Where can I install GFI EventsManager on my network?

SonicWALL Global Management System Installation Guide Entry Edition. Version 2.1

Cyclope Internet Filtering Proxy. - Installation Guide -

Securing Networks with PIX and ASA

Exchange Outlook Profile/POP/IMAP/SMTP Setup Guide

MFPConnect Monitoring. Monitoring with IPCheck Server Monitor. Integration Manual Version Edition 1

Security Correlation Server Quick Installation Guide

Lab Configure and Test Advanced Protocol Handling on the Cisco PIX Security Appliance

Security Correlation Server Quick Installation Guide

1 Basic Configuration of Cisco 2600 Router. Basic Configuration Cisco 2600 Router

Setting up an MS SQL Server for IGSS

Network Probe User Guide

To install Multifront you need to have familiarity with Internet Information Services (IIS), Microsoft.NET Framework and SQL Server 2008.

Emerald. Network Collector Version 4.0. Emerald Management Suite IEA Software, Inc.

Novell Nsure Audit Installation Guide. novdocx (ENU) 01 February Novell NsureTM Audit INSTALLATION GUIDE.

Firewall Firewall August, 2003

Projetex 9 Workstation Setup Quick Start Guide 2012 Advanced International Translations

Kaseya Server Instal ation User Guide June 6, 2008

Installing The SysAidTM Server Locally

User Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream

intertrax Suite resource MGR Web

F-Secure Client Security. Administrator's Guide

v5.2 Installation Guide for Websense Enterprise v5.2 Embedded on Cisco Content Engine

Installing GFI MailSecurity

v6.1 Websense Enterprise Reporting Administrator s Guide

Gigabyte Management Console User s Guide (For ASPEED AST 2400 Chipset)

idatafax Troubleshooting

Setting Up a Unisphere Management Station for the VNX Series P/N Revision A01 January 5, 2010

About this Getting Started Guide. Enabling Log Management... 2 Applying a License... 4 Using Log Management How to forward logs...

Exchange Outlook Profile/POP/IMAP/SMTP Setup Guide

Gigabyte Content Management System Console User s Guide. Version: 0.1

Network Defense Tools

NEFSIS DEDICATED SERVER

How To - Implement Single Sign On Authentication with Active Directory

SysAid Freeware Installation Guide

Virtual Appliance Setup Guide

User s Manual CONTENT. Nano NAS Server for USB storages. 1. Product Information Product Specifications System requirements..

Resolving H202 Errors (INTERNAL)

CONNECTING TO DEPARTMENT OF COMPUTER SCIENCE SERVERS BOTH FROM ON AND OFF CAMPUS USING TUNNELING, PuTTY, AND VNC Client Utilities

Collax Web Security. Howto. This howto describes the setup of a Web proxy server as Web content filter.

Uptime Infrastructure Monitor. Installation Guide

Kerio WinRoute Firewall Features Summary and Simple Setup Guide (for version 6.x)

REQUIREMENTS AND INSTALLATION OF THE NEFSIS DEDICATED SERVER

IIS, FTP Server and Windows

Installation Steps for PAN User-ID Agent

The data between TC Monitor and remote devices is exchanged using HTTP protocol. Monitored devices operate either as server or client mode.

Using Internet or Windows Explorer to Upload Your Site

Fluke Networks NetFlow Tracker

Synametrics Technologies

Pearl Echo Installation Checklist

Lab Configuring Access Policies and DMZ Settings

Set up a Home Secure Global Desktop Enterprise Edition Remote Access Server

COMMANDS 1 Overview... 1 Default Commands... 2 Creating a Script from a Command Document Revision History... 10

Deploying Intellicus Portal on IBM WebSphere

Salesforce Integration

Polar Help Desk Installation Guide

Danware introduces NetOp Remote Control in version 7.01 replacing version 7.0 as the shipping version.

Scan to Quick Setup Guide

Setting up pfsense as a Stateful Bridging Firewall.

WhatsUp Event Archiver v10 and v10.1 Quick Setup Guide

Introweb Remote Backup Client for Mac OS X User Manual. Version 3.20

1 You will need the following items to get started:

Browser Client 2.0 Admin Guide

Rebasoft Auditor Quick Start Guide

RemotelyAnywhere Getting Started Guide

NETASQ ACTIVE DIRECTORY INTEGRATION

Domain Name. Domain Registrar. Web Site cpanel URL: Username: Password: Username: Password:

NetIQ Sentinel Quick Start Guide

Out n About! for Outlook Electronic In/Out Status Board. Administrators Guide. Version 3.x

BMC Remedy Integration Guide

Web VTS Installation Guide. Copyright SiiTech Inc. All rights reserved.

OneLogin Integration User Guide

Compiere ERP & CRM Installation Instructions Windows System - EnterpriseDB

tpischeduler tpischeduler TotalFBO tpischeduler TotalFBO Initial Installation tpischeduler TotalFBO tpischeduler

enetworks TM Using the Syslog Feature C.1 Configuring the Syslog Feature

WHY USE ILLUMIN8 MARKETING FOR HOSTING YOUR WEB SITE?

Avalanche Remote Control User Guide. Version 4.1.3

TSM for Windows Installation Instructions: Download the latest TSM Client Using the following link:

ecopy ShareScan v4.3 Pre-Installation Checklist

HOW TO CONFIGURE PASS-THRU PROXY FOR ORACLE APPLICATIONS

The Cisco IOS Firewall feature set is supported on the following platforms: Cisco 2600 series Cisco 3600 series

Tracking Network Changes Using Change Audit

NETWORK SET UP GUIDE FOR

Contents. Platform Compatibility. GMS SonicWALL Global Management System 5.0

Elluminate Live! Access Guide. Page 1 of 7

Transcription:

Volume 1 SYSLOG JUNCTION User s Guide User s Guide

SYSLOG JUNCTION USER S GUIDE Introduction I n simple terms, Syslog junction is a log viewer with graphing capabilities. It can receive syslog messages from a server which are then filtered and plotted as graphs. Although message from any syslog server can be received by Syslog Junction, currently a parser is available for Cisco PIX firewall. Parsers for other syslog servers will be added in the future. System Requirements Syslog Junction is server based software that can run on multiple operating systems. Following table lists the minimum system requirement for Syslog Junction. Operating System Processor Memory Hard disk JVM Windows NT, XP, 2000, 2003, Linux, Solaris, MacOS X 500 MHz or above clock speed 128 Minimum (512 Recommended) 30 MB Only required for Solaris and MacOS X. A JVM is included with the Windows and Linux version of the installer Installation Installation of Syslog Junction is pretty straight forward download the installer from AboutMyX website and run it. On Windows it will create a Windows Service. However, on other operating systems you have to manually add a starter script in /etc/init.d/ directory. Contact support if you need help in creating this script. Configuration Before Syslog Junction can plot graphs and display data, you have to configure your PIX firewall to send logging information to the machine where Syslog Junction is running. It is assumed that you are familiar with how to change configuration on a PIX firewall. Consult Cisco documentation for further information. Following steps show how to configure your PIX firewall. 1

1. Open a TELNET session to your firewall and provide necessary login information. 2. Turn on privilege commands mode by typing enable at the prompt. 3. Type configure terminal to go into configuration mode 4. Type the following command to enable logging logging on logging trap informational logging host inside 192.168.1.50 5. After typing the above lines type the show command and confirm the settings. show logging 6. Save and exit write memory exit exit NOTE: The last line in the above script assumes that you have installed Syslog Junction on a machine where the IP address is 192.168.1.50. Most likely, you will have a different IP and therefore, will have to change it. 2

Using Syslog Junction Once your PIX firewall is properly configured and Syslog Junction is installed on the machine, you should see traffic graph through a browser. To connect to Syslog Junction open up a browser window and type the following URL. This document assumes that the IP address of the machine is 192.168.1.50. Change this value if you are running it on a different machine http://192.168.1.50:11052 This will open up the login screen. The default user ID and password for Syslog Junction is: UserID: admin Password: letmein 3

Viewing graphical data After you login, you will automatically be redirected to the reports screen This graph shows you inbound as well as outbound traffic passing through your firewall with the amount of data transfer for every machine. Following table explains each column in the report 4

Lan IP Wan IP Bytes Transferred This is the internal IP address of a machine in your network This is the external IP address of a machine in your network. If a one-to-one mapping does not exist, you will see more than one machine having the same external IP. This is normally the case when you use NAT. Amount of data that is either sent or generated by a machine Click on the link for a machine s IP to see the detail information. The detail view shows you transferred bytes and the number of TCP/IP connections for a particular port. The image above is an example of a machine that is running a POP3, HTTP, SMTP and DNS server. Clearing Cache Syslog Junction maintains an internal cache that holds data counters for the server. When you clear the cache, these counters get reinitialized and all graphs will start from 0 bytes. 5

Live Monitoring Live monitoring allows you to see records as they are sent by your firewall. In order to view messages in Live Monitor, you have to install Java plugin for your browser. Note: When messages are displayed in formatted grid, you will not see all messages that are sent from the firewall. To see all messages view the raw log. Filtering messages Live monitor can generate lots of rows in matter of seconds. Therefore, it is highly recommended that you filter messages. Message filters work by specifying one or more Regular Expressions that are used against any incoming message. Therefore, let s say 6

you want to see messages for one machine, the simplest way is to put that machine s IP address. Changing Configuration By default the HTTP server within Syslog Junction listens on port 11052. This value can be changed by modifying SLJunctionConfig.xml file in the config folder. The same file holds the login password for the admin account. 7

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information