Turn your Cisco PIX Syslog files into Graphs using Syslog Junction.

  • November 20, 2007
  • 2 minute read
I was setting up a bunch of monitoring at work as we hadn’t have that much implemented. I ran into this application in a random fashion. Sys Junction is an application that graphs out syslog data from Cisco PIX firewalls.

I was setting up a bunch of monitoring at work as we hadn’t have that much implemented. I ran into this application in a random fashion. Sys Junction is an application that graphs out syslog data from Cisco PIX firewalls.

The setup is simple, you download the install archive, extract it and then run the install script “run.sh”. You will need to make sure that the file has executable permissions, since my install was a linux install (they also have a windows version). Run “chmod u+x run.sh” beforehand. You would think that from reading the documentation the install would occur, but no install actually occurs. Once you type “run.sh” the application forks into the background and starts printing random logging information on your terminal. It doesn’t even install as a service, you have to do this yourself.

Now that you have Syslog Junction running, you can open up your web browser and point it to “http://127.0.0.1:11052” or the IP address of the server you have it running on. You should see a login screen, enter in the default login information which is “admin/letmein”. And bam you either see graphs or no graphs!

I didn’t have graphs! I look back now and think, should have spent 3 hours on trying to get this to finally work or not? Was it worth all the trouble of trying to figure out the problem instead of having a Install Document or any type of information other than a couple pages of a PDF file with only a couple pages of information.

After look at the logs in the folder “logs”, I see in the file “SLJunction.log”. So I decide to tail it to see whats in it. And Viola! I get an error message

2007-11-20 16:12:29,640 ERROR sljunction.SLJunctionApp - Unable to start Syslog server. Address already in use

So I ponder to myself and do what anybody in my position would do, start grinding out the debugging tools. So I run netstat:


[root@pablo:/var/www/default/SLJunction/logs]# netstat -nlp | grep syslog
udp 110400 0 0.0.0.0:514 0.0.0.0:* 4646/syslogd

Oh and look syslog had the -r option for remote machine logging. So I disabled syslog and start Syslog Junction again and no more error. But instead of getting pretty graphs, I get blank ones again.

After further testing it look as though you have to make sure that your Cisco PIX is sending only Informational syslog data otherwise it pick up the traffic.

All in all, a good application, but time consuming!

Visit the Syslog Junction site.


Did you like this article?


0 Shares:
Share 0
Tweet 0
Share 0
Share 0
— Previous article

Have Windows 2003 event viewer alerts sent to a network syslog server

Next article —

Backup and Image your hard drives with DriveImage XML for free under Windows

You May Also Like

Fiber Optic Table Illuminates Your Dining

  • by
  • June 24, 2007
Fiber Optic Table Illuminates Your Dining - Deepa writes "We highly doubt LumiGram's Luminous Fiber Optic Tablecloth was designed with power outages in mind, but why hook up a boring string of lamps or fiddle with half melted candles when you can plug this bad boy into the generator? The cloth, which has fiber optics woven throughout, cotton borders, and a Europlug mains adapter, proves most useful when the lights are dimmed, and should prove quite the centerpiece at your next get-together. The illuminating device is available in a trio of sizes, comes in a variety of color schemes."

Read more of this story at Slashdot.

 [Slasdot]
Read More

How To: Stream Music From The iPhone In Ubuntu w/ Rhythmbox

  • by
  • October 11, 2007
I know that you can get your ipod working within Linux using gtkipod, and if you actually mount the file system on the ipod you can then write to it use gtkipod. I don't know why jailbreaking and mounting the iphone is required. Good read though.
How To: Stream Music From The iPhone In Ubuntu w/ Rhythmbox - >>>>>>>> This is the Best Damn Guide EVER written to stream media from your iPhone to your Ubuntu PC using Rythmbox.
Read More

New LinuxCOE helps admins customize distros

  • by
  • June 19, 2007
This is a really neat idea. You can roll all of your scripted installations for all of your distributions into one application, instead of configuring each distributions application. For example, if you wanted to install RedHat, you no longer need Kickstart. The same would go for Ubuntu, no more preseed. Just one application to handle all of the scripted installations. 
New LinuxCOE helps admins customize distros - Hewlett-Packard released version 4 of its Linux Common Operating Environment (LinuxCOE) software this month. LinuxCOE is a front end to a set of Perl scripts that helps administrators by building customized install images for various Linux... [Linux.com]
Read More

Red Hat Vows To Stand Up To Patent Intimidation

  • by
  • October 11, 2007
It looks like Red Hat isn't going to allow Microsoft to bully them into paying for Patent Protection. Microsoft has stated that linux is infringing on multiple patents and intellectual property. Red Hat provides an enterprise Linux operating system, when you're more or less purchasing continual and automatic updates and the option for Technical Support from RedHat directly. Red Hat previously provided their Variant of Linux for free, and then discontinued it. They now provide a free desktop version called Fedora there are also other variants of Fedora like CentOS which is more of an enterprise operating system very much like Red Hat but not affiliated with Red Hat directly.
Read More