Turn your Cisco PIX Syslog files into Graphs using Syslog Junction.

I was setting up a bunch of monitoring at work as we hadn’t have that much implemented. I ran into this application in a random fashion. Sys Junction is an application that graphs out syslog data from Cisco PIX firewalls.

I was setting up a bunch of monitoring at work as we hadn’t have that much implemented. I ran into this application in a random fashion. Sys Junction is an application that graphs out syslog data from Cisco PIX firewalls.

The setup is simple, you download the install archive, extract it and then run the install script “run.sh”. You will need to make sure that the file has executable permissions, since my install was a linux install (they also have a windows version). Run “chmod u+x run.sh” beforehand. You would think that from reading the documentation the install would occur, but no install actually occurs. Once you type “run.sh” the application forks into the background and starts printing random logging information on your terminal. It doesn’t even install as a service, you have to do this yourself.

Now that you have Syslog Junction running, you can open up your web browser and point it to “http://127.0.0.1:11052” or the IP address of the server you have it running on. You should see a login screen, enter in the default login information which is “admin/letmein”. And bam you either see graphs or no graphs!

I didn’t have graphs! I look back now and think, should have spent 3 hours on trying to get this to finally work or not? Was it worth all the trouble of trying to figure out the problem instead of having a Install Document or any type of information other than a couple pages of a PDF file with only a couple pages of information.

After look at the logs in the folder “logs”, I see in the file “SLJunction.log”. So I decide to tail it to see whats in it. And Viola! I get an error message

2007-11-20 16:12:29,640 ERROR sljunction.SLJunctionApp - Unable to start Syslog server. Address already in use

So I ponder to myself and do what anybody in my position would do, start grinding out the debugging tools. So I run netstat:


[root@pablo:/var/www/default/SLJunction/logs]# netstat -nlp | grep syslog
udp 110400 0 0.0.0.0:514 0.0.0.0:* 4646/syslogd

Oh and look syslog had the -r option for remote machine logging. So I disabled syslog and start Syslog Junction again and no more error. But instead of getting pretty graphs, I get blank ones again.

After further testing it look as though you have to make sure that your Cisco PIX is sending only Informational syslog data otherwise it pick up the traffic.

All in all, a good application, but time consuming!

Visit the Syslog Junction site.


Did you like this article?


0 Shares:
You May Also Like

I wanna rock (rock) your iPod

Now this is actually kinda sad, getting ripped off twice and then getting store credit each time would get a lot of people worked up. Shame on Target for not giving a refund, and instead giving in-store credit.
I wanna rock (rock) your iPod - Usually, Target is pretty lax with returning shit. You come back three days later with a slightly used toaster oven, no receipt and they’ll give you a full refund. Not the case however, for one 14-year-old girl who received an iPod as a gift. Purchased at one of the retail giant’s stores, the girl went to open her iPod, only to discover the box was filled with rocks. Yes, rocks, making it the worst present you could possibly receive.
Read More

Novell and RedHat Linux vs IP Innovation LLC: Was Ballmer right?

A good read from Groklaw, it goes on about the the current filed Patent Infringement Claim put forth by IP Innovation LLC.
Patent Infringement Lawsuit Filed Against Red Hat & Novell - Just Like Ballmer Predicted IP Innovation LLC has just filed a patent infringement claim against Red Hat and Novell. It was filed October 9, case no. 2:2007cv00447, IP Innovation, LLC et al v. Red Hat Inc. et al, in Texas. Where else? The patent troll magnet state. The first ever patent infringement litigation involving Linux. Here's the patent, for those who can look at it without risk. If in doubt, don't. Here's the complaint [PDF].
Read More

It All Comes Together: Laptop roundup

It All Comes Together: Laptop roundup -

[LifeHacker]
Read More