[nsp] Script for gathering logs from routers?
Hudson Delbert J Contr 61 CS/SCBN
Delbert.Hudson at LOSANGELES.AF.MIL
Thu Oct 30 17:48:17 EST 2003
David,
this seems to make the most sense. after all, the router is outside
so gathering of info from it as regards to traffic or compromises
seems moot at best. i would not trust the logs from a compromised
box anyway. this seems a bit trivial.
~v/r
piranha
-----Original Message-----
From: Simon Hamilton-Wilkes [mailto:simon at jettis.com]
Sent: Thursday, October 30, 2003 12:54 PM
To: 'Temkin, David'
Cc: cisco-nsp at puck.nether.net
Subject: RE: [nsp] Script for gathering logs from routers?
Then stick a syslog server outside the firewall and ftp logs from it daily.
Simon
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net]On Behalf Of Temkin, David
Sent: Thursday, October 30, 2003 12:42 PM
To: 'Streiner, Justin'; cisco-nsp at puck.nether.net
Subject: RE: [nsp] Script for gathering logs from routers?
To answer the last four emails, I have an issue where the router is outside
of a firewall and it's not acceptable to open the syslog port inbound, so
instead we're going to opt for gathering the logs.
Thanks,
-Dave
-----Original Message-----
From: Streiner, Justin [mailto:streiner at stargate.net]
Sent: Thursday, October 30, 2003 3:23 PM
To: cisco-nsp at puck.nether.net
Subject: Re: [nsp] Script for gathering logs from routers?
On Thu, 30 Oct 2003, Temkin, David wrote:
> Anyone have an expect (or similar) script that collects the "show log"
> from a router and appends it to a file? I could write it myself, but
> I figured if someone already had one written I would save myself from
> re-inventing the wheel :-)
Why not have the routers send their logs to a syslog server, or are you
looking for some piece of data that doesn't get syslog'd?
jms
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list