Splunk is very good stuff: http://www.splunk.com/

For bootstrapping your log analysis it's a great tool. If that doesn't fit, have a look at the loganalysis list archive to see if something looks better: http://lists.shmoo.com/pipermail/loganalysis/

HTH,
C.G.

On 3/6/07, Bryan O'Neal wrote:
> My network devices provide a wealth of data, but this data is very short
> lived on the device. I used Kiwi sysloger on my Windows box, but was not
> overly happy with it. Can anyone recommend a good syslog viewer?
>
> Also, I am looking to keep better track of what is going on on my network.
> My switches allow me to port mirror to a box but I am not sure of the best way
> to collect and analyze data. I am mostly interested in bandwidth usage, and
> simple breakdowns of the kind of data (web, smb, windows file sharing,
> email, gnutella clients, etc.), not only for bandwidth control, but also to
> track down rogue devices on my network. I am also interested in tracking
> what web pages my users visit (this company is squeaky clean, but there has
> been talk of banning more than myspace and I want the data I need to keep
> our network as free as possible for our users).
>
> Any suggestions?
> ---------------------------------------------------
> PLUG-discuss mailing list -
> PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change you mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

--
powerofprimes@gmail.com
Carlos Macedo Gomes
_sic itur ad astra_