Wireshark-users: Re: [Wireshark-users] Opening Pix Syslog with Wireshark



From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Tue, 11 Sep 2007 12:22:33 -0700

  [ Forwarded from wireshark-users-owner ]

As far as I know, the PIX syslog output only contains summary data, e.g. IP
addresses and port numbers.  This doesn't provide enough information to
reconstruct the network packet data required by Wireshark.  There are many
applications that can analyze syslog files, but Wireshark isn't one of them.
(Well, I suppose you could point the "logging host" command at your workstation
and capture syslog messages as they come in, but that may not be what you're
looking for.)

Newer versions of the PIX OS have a "capture" command that lets you save traffic
in a libpcap-formatted file, which Wireshark, tcpdump, WinDump, and a ton of
other tools can read.

munyaradzi.nduku@xxxxxxxxxxxxx wrote:
> Hi
> 
> I want to analyse a syslog produced by Pix Firewall in Wireshark. I export
> the syslog as a txt file.
> 
> Thank you

