Can anyone recommend a FREE syslog server that would be able to understand PA Firewall logs well, store them and, if possible, provide simple reporting?
So far I have tried:
Splunk - good software, but the free version has limits and will not be enough for my environment
Sawmill - also a good product, but it's not really a syslog; it requires an existing syslog server to send information to it for analysis and can process only traffic and threat logs
Kiwi - good syslog server, but I don't know if it will be able to handle syslogs from our 5050 device. Has anyone tried it in an Enterprise environment?
AlienVault - still working on whether I can send syslogs to it.
Any information is appreciated.
The main idea is to have an additional source for log forwarding instead of having them only on the firewall itself. CSV export is also configured to an SCP server.
Thanks for the reply, lewis.
Would you please share a little more information?
- what platform are you running it on?
- how much space have you allocated for logs?
- how frequently do you logswitch?
- what do you do with the data?
- it says $295 price? Is it really free? Which one are you using?
Your reply is really appreciated.
Running on Server 2012, 2TB, keep logs about 6 months, logs are recorded in hour increments, compress them to keep a smaller finger print, version 9.3.3, don't remember the cost but it was a small amount