Turn your Cisco PIX Syslog files into Graphs using Syslog Junction.

I was setting up a bunch of monitoring at work as we hadn’t had that much implemented. I ran into this application in a random fashion. Syslog Junction is an application that graphs out syslog data from Cisco PIX firewalls.

The setup is simple: you download the install archive, extract it and then run the install script “run.sh”. My install was a Linux install (they also have a Windows version), so you will need to make sure that the file has executable permissions; run “chmod u+x run.sh” beforehand. You would think from reading the documentation that an install would occur, but no install actually occurs. Once you type “run.sh” the application forks into the background and starts printing random logging information on your terminal. It doesn’t even install as a service; you have to do this yourself.

Now that you have Syslog Junction running, you can open up your web browser and point it to “http://127.0.0.1:11052” or the IP address of the server you have it running on. You should see a login screen; enter the default login information, which is “admin/letmein”. And bam, you either see graphs or no graphs!

I didn’t have graphs! I look back now and think, should I have spent 3 hours trying to get this to finally work or not? Was it worth all the trouble of trying to figure out the problem without an install document or any type of information other than a PDF file with only a couple of pages of information?

After looking at the logs in the folder “logs”, I see the file “SLJunction.log”. So I decide to tail it to see what’s in it. And voilà! I get an error message:

2007-11-20 16:12:29,640 ERROR sljunction.SLJunctionApp - Unable to start Syslog server. Address already in use

So I ponder to myself and do what anybody in my position would do, start grinding out the debugging tools. So I run netstat:


[root@pablo:/var/www/default/SLJunction/logs]# netstat -nlp | grep syslog
udp 110400 0 0.0.0.0:514 0.0.0.0:* 4646/syslogd

Oh, and look, syslog had the -r option for remote machine logging. So I disabled syslog and started Syslog Junction again, and no more error. But instead of getting pretty graphs, I get blank ones again.
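The port check from the netstat step above, as an added example that is not part of the original post: a small shell helper that reports which process owns a UDP port, so the conflict on 514 shows up before Syslog Junction is started. The function names, and the sample lines other than the syslogd one, are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post or from Syslog Junction).

# Sample `netstat -nlp` output. The first line is the one shown in the post;
# the other two are constructed to show that only an exact UDP match counts.
SAMPLE='udp   110400      0 0.0.0.0:514      0.0.0.0:*                  4646/syslogd
udp        0      0 0.0.0.0:5140     0.0.0.0:*                  5001/other
tcp        0      0 0.0.0.0:514      0.0.0.0:*       LISTEN     5002/rshd'

# udp_owner PORT
# Reads `netstat -nlp` output on stdin and prints the PID/program column for
# every UDP socket bound to exactly PORT. Exit status 1 if nothing is bound.
udp_owner() {
    awk -v port="$1" '
        $1 ~ /^udp/ {
            # Local address is field 4: 0.0.0.0:514 (IPv4) or :::514 (IPv6).
            n = split($4, part, ":")
            if (part[n] == port) { print $NF; found = 1 }
        }
        END { exit (found ? 0 : 1) }
    '
}

# preflight
# Returns 0 when UDP 514 is free, 1 (with a message) when something holds it.
# Run as root: without it netstat shows "-" instead of PID/program for
# sockets owned by other users.
preflight() {
    owner=$(netstat -nlp 2>/dev/null | udp_owner 514) || return 0
    echo "UDP 514 is already bound by: $owner" >&2
    return 1
}

# Demonstration on the sample text; prints 4646/syslogd.
printf '%s\n' "$SAMPLE" | udp_owner 514

# On a live host:  preflight && ./run.sh
```

A clean preflight only means the port is free at that moment; the “Address already in use” line in SLJunction.log remains the authoritative sign that the bind failed.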

After further testing it looks as though you have to make sure that your Cisco PIX is sending only Informational syslog data, otherwise it won’t pick up the traffic.

All in all, a good application, but time consuming!

Visit the Syslog Junction site.

