CPUG

The Check Point User Group

A Resource For The Check Point Community.  Fast.  Useful.  Independent.

#1, 2006-08-01, Clon32
Real-time monitoring and analysis of entire FW logs

Hi,

I have had a request to provide real-time monitoring of all Check Point FW logs. Has anybody worked with any enterprise monitoring and event correlation software to provide this functionality? If so, what would you recommend?

I have found products by Symantec & Verisign. Has anyone used these products and would they recommend them?

Thank you

#2, 2006-08-01, dbedit
Re: Real-time monitoring and analysis of entire FW logs

Hi

Check LogLogic, http://www.loglogic.com/
Works very well with CP!

Cheerz

#3, 2006-08-15, Wutkung
Re: Real-time monitoring and analysis of entire FW logs

Quote:
Originally Posted by dbedit
> Hi
>
> Check LogLogic, http://www.loglogic.com/
> Works very well with CP!
>
> Cheerz

Are there any other solutions?

I don't prefer a box solution, I just want any software that can be installed on another server (like KIWI)

#4, 2006-08-19, chillyjim
Re: Real-time monitoring and analysis of entire FW logs

Eventia? Right from Check Point.

#5, 2006-08-20, tdvit
Re: Real-time monitoring and analysis of entire FW logs

Quote:
Originally Posted by chillyjim
> Eventia? Right from Check Point.

You need to be running NGX to use this though, yeah?
__________________
tdvit
CCSA
CCSE

#6, 2006-08-21, chillyjim
Re: Real-time monitoring and analysis of entire FW logs

Quote:
Originally Posted by tdvit
> You need to be running NGX to use this though, yeah?

Well, your SmartCenter should be R60+ for Analyzer. Reporter (historical log analysis) became usable with NGAI (R55/56).

#7, 2006-08-25, melipla
Re: Real-time monitoring and analysis of entire FW logs

FYI Eventia Reporter and Eventia Analyzer are two separate products--they can't run on the same system...it would be nice if they were one and the same.

#8, 2006-08-26, chillyjim
Re: Real-time monitoring and analysis of entire FW logs

Quote:
Originally Posted by melipla
> FYI Eventia Reporter and Eventia Analyzer are two separate products--they can't run on the same system...it would be nice if they were one and the same.

It's coming (Q2'07 I hear). The problem is that EVA and EVR use different SQL databases and they collide if run on the same system.

That being said, on any decent size environment, running both on the same system might not be a good idea anyway.

#9, 2006-09-27, ericsj
Re: Real-time monitoring and analysis of entire FW logs

Not sure how "real-time" you need it to be, but this software might fulfill some aspects of what you're looking for. The database consolidates every 5 minutes or so, so it's pretty real-time.

This is what we use for traffic and security alert trends:

http://manageengine.adventnet.com/products/firewall/