EventId.Net - Firewalls
EventID.Net

Home Search Events Books Documents TCP/IP Ports Contributors About Us
Log in Q Finder Links Firewalls IT Admin Tasks Log Management Legal
 
FIREGEN NG NETSCREEN MODULE
     
 
 
 

FireGen NG Netscreen Module Usage

Requirements:
- Juniper Netscreen firewall
- Firewall logs sent to a syslog server

Downloads:
- FgNgNetscreen.dll - Version 0.001 - Updated October 27, 2006
- NETFgNgNetscreen.dll

Configuring the log profile:
- Start the FireGen NG user interface
- Switch to the Log profiles tab
- Click Add new
- In the Properties section, change the profile name from Profile1 to a name relevant to the specific firewall (i.e. NetscreenFw)
- As Firewall type select Netscreen
- Select the sample log location. FireGen is using the location of the sample log to look for logs that have to be analyzed for the specified time interval.
- In the Log files detection method section enter the Log naming template. For example, if the log for Feb 28, 2006 is named syslog-2006-02-28.log enter syslog-yyyy-mm-dd.log. FireGen will use this template to build the name of the log that has to be analyzed for the selected time interval. For example, if the Sample log is specified as C:\Logs\syslog-2006-02-28.log, the Log naming is entered as syslog-yyyy-mm-dd.log and the selected time interval for the analysis is March 8, 2006, FireGen will attempt to analyze the C:\Logs\syslog-2006-03-08.log. If the log name does not contain a certain date pattern, FireGen will analyze the log specified as Sample log. For example, if the Sample log is specified as C:\Logs\SyslogCatchAll.txt and the Log naming is specified as SyslogCatchAll.txt, FireGen will always analyze this file, regardless of the selected time interval. If the Log files detection method is selected as Analyze the log specified as sample FireGen will analyze the sample log regardless of the other settings.
- Click on the -> button to save the profile (the profile name should move from the Unsaved section to the Saved one as shown below:

- Switch to On Demand
- Select the reporting interval
- Save the settings by clicking the Apply button
- Press Analyze! to run the analysis

 
 

  Featured Links
GFI EventsManager - Network-wide event log management - Download free 30-day trial!

Free Online Event Scanner - Scan your pc for high security events with GFI's free online service.
EventID.Net Subscription - So much information for so little!

 

 

 

 

Legal - EventID.Net © 2001-2008 Altair Technologies Ltd., All rights reserved - Sign up for our Email Newsletter