Turn your Cisco PIX Syslog files into Graphs using Syslog Junction.

I was setting up a bunch of monitoring at work as we hadn’t had that much implemented. I ran into this application in a random fashion. Syslog Junction is an application that graphs out syslog data from Cisco PIX firewalls.

The setup is simple: you download the install archive, extract it and then run the install script “run.sh”. My install was a Linux install (they also have a Windows version), so you will need to make sure that the file has executable permissions. Run “chmod u+x run.sh” beforehand. You would think from reading the documentation that an install would occur, but no install actually occurs. Once you type “run.sh” the application forks into the background and starts printing random logging information on your terminal. It doesn’t even install as a service; you have to do this yourself.

Now that you have Syslog Junction running, you can open up your web browser and point it to “http://127.0.0.1:11052” or the IP address of the server you have it running on. You should see a login screen; enter the default login information, which is “admin/letmein”. And bam, you either see graphs or no graphs!

I didn’t have graphs! I look back now and think, should I have spent 3 hours trying to get this to finally work or not? Was it worth all the trouble of trying to figure out the problem instead of having an install document or any type of information other than a PDF file with only a couple of pages of information?

After looking at the logs in the folder “logs”, I see the file “SLJunction.log”. So I decide to tail it to see what’s in it. And voilà! I get an error message:

2007-11-20 16:12:29,640 ERROR sljunction.SLJunctionApp - Unable to start Syslog server. Address already in use

So I ponder to myself and do what anybody in my position would do, start grinding out the debugging tools. So I run netstat:


[root@pablo:/var/www/default/SLJunction/logs]# netstat -nlp | grep syslog
udp 110400 0 0.0.0.0:514 0.0.0.0:* 4646/syslogd

Oh, and look: syslog had the -r option for remote machine logging. So I disabled syslog and started Syslog Junction again, and no more error. But instead of getting pretty graphs, I got blank ones again.
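The port check above can be run as a pre-flight step before starting the application. The script below is an added example, not part of Syslog Junction or the original post; the function names are hypothetical and the sample input is constructed, modelled on the netstat line shown above.

```shell
#!/bin/sh
# Added example: find which process already holds a UDP port, reading
# `netstat -nlp`-style lines on stdin. Prints "PID/program" for every
# listener bound to the port (wildcard or specific address, IPv4 or IPv6).
udp_port_owner() {
    port="$1"
    awk -v port="$port" '
        $1 ~ /^udp6?$/ {
            # The port is whatever follows the last colon (handles :::514 too)
            n = split($4, parts, ":")
            # UDP lines have no State column, so the last field is PID/program
            if (parts[n] == port) print $NF
        }'
}

# Pre-flight check: returns 0 when the port is free, 1 when something holds it
udp_port_free() {
    owner=$(udp_port_owner "$1")
    if [ -n "$owner" ]; then
        echo "UDP port $1 already in use by: $owner" >&2
        return 1
    fi
    return 0
}

# Constructed sample input (first line copied from the post, the rest made up)
SAMPLE_NETSTAT='udp 110400 0 0.0.0.0:514 0.0.0.0:* 4646/syslogd
udp 0 0 0.0.0.0:68 0.0.0.0:* 1203/dhclient
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 5120/httpd'

# Typical use on a live host (needs root to see PID/program names):
#   netstat -nlp | udp_port_free 514 && ./run.sh
```

The nonzero Recv-Q value (110400) in the original output also shows that syslogd was actively receiving datagrams on that port.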

After further testing it looks as though you have to make sure that your Cisco PIX is sending only Informational syslog data, otherwise it won’t pick up the traffic.
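To see which severities the firewall is actually sending, the messages can be tallied by the level digit in their %PIX-<level>-<message id> tag, where level 6 is Informational. This is an added example, not part of Syslog Junction or the original post; the function names are hypothetical, the log lines are constructed, and it assumes the raw messages are available as text on stdin.

```shell
#!/bin/sh
# Added example: count Cisco PIX syslog messages per severity level.
# Reads raw syslog lines on stdin and prints "level=count", lowest level first.
pix_severity_counts() {
    awk '
        match($0, /%PIX-[0-7]-[0-9]+/) {
            tag = substr($0, RSTART, RLENGTH)   # e.g. %PIX-6-302013
            split(tag, f, "-")                  # f[2] is the severity digit
            count[f[2]]++
        }
        END {
            for (lvl = 0; lvl <= 7; lvl++)
                if (count[lvl] > 0) printf "%d=%d\n", lvl, count[lvl]
        }'
}

# Constructed sample input: addresses are documentation ranges, and the last
# line is a non-PIX message that the tally must skip.
pix_sample() {
    cat <<'EOF'
Nov 20 16:20:01 192.0.2.1 %PIX-6-302013: Built outbound TCP connection 1001 for outside:198.51.100.7/80 (198.51.100.7/80) to inside:10.0.0.5/3521 (192.0.2.1/3521)
Nov 20 16:20:03 192.0.2.1 %PIX-6-302014: Teardown TCP connection 1001 for outside:198.51.100.7/80 to inside:10.0.0.5/3521 duration 0:00:02 bytes 4512 TCP FINs
Nov 20 16:20:05 192.0.2.1 %PIX-4-106023: Deny tcp src outside:203.0.113.9/4411 dst inside:10.0.0.5/22 by access-group "outside_in"
Nov 20 16:20:09 192.0.2.1 %PIX-5-111008: User 'enable_15' executed the 'write memory' command.
Nov 20 16:20:10 pablo syslogd 1.4.1: restart.
EOF
}

# Example run over the constructed sample:
#   pix_sample | pix_severity_counts
```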

All in all, a good application, but time consuming!

Visit the Syslog Junction site.
