How do I run reports for a Cisco Pix 6.2/6.3 log file?


This article applies to:

  • WebTrends Firewall Suite 4.1a
  • Cisco Pix 6.2
  • Cisco Pix 6.3

Question:

How do I run reports for a Cisco Pix 6.2/6.3 log file?

Changes Made:

The Cisco Pix log file format changed with the release of version 6.2.

Procedure:

Complete the following steps to be able to analyze log files from Cisco Pix, version 6.2/6.3 using Firewall Suite 4.1a.

  1. Download the Pix_62.zip file from the Article Attachments section below.

  2. Make sure Firewall Suite is not running. Click File | Exit & Unload from the menu bar to quit the application, if it is currently running.

  3. Extract the files from within the Pix_62.zip file to the root of the Firewall Suite installation directory.

  4. Launch Firewall Suite.

  5. Run your reports.


Once new files are copied, it is recommended that FastTrends and Content Databases for profiles that use Cisco PIX 6.2 be flushed. The quickest method to flush the FastTrends and Content Database is by following these steps.

  1. Edit the profile which is analyzing Cisco Pix 6.2/6.3 log files.

  2. Select the DNS Lookup tab.

  3. Change the DNS setting.

  4. Save the profile.

  5. Click Continue to delete both databases.

  6. Edit the profile and change the DNS setting back.

  7. Save the profile.

This article was previously published as:
NETIQKB8629

Last Modified 4/11/2006.
https://support.trustwave.com/kb/KnowledgebaseArticle10450.aspx