Sonicwall Reporting

[BakedON]

I just got back to work with a company that has 30 sonicwall firewalls out there that we manage for our clients. Does anyone know of an effective reporting tool I can use to compile reports either from teh multiple logs or from the MFS mail that each unit sends out when it detects a possible intrusion, license expiration, down unit?

What we have right now compiles all the emailed reports into one exchange public folders.... and hand picking through 20,000 items trying to see patters is a total nightmare.

Thansk in advance for any info.

 

[Bean Dip]

Sonicwall has its own software called ViewPoint for this. But it requires a license for each Sonicwall which adds up quick.

I used to use it for my corporate office Pro3060 but it was a resource hog and I don't really have the extra server resources to give it. So I got rid of it a couple of years ago.

I use Cacti and Nagios to monitor my routers and servers via SNMP. I can usually tell if something weird is going on if there is unusual traffic spikes on Cacti. Nagios will send me an alert if a site has latency problems for an extended period of time (but it is a ^%*$# to set up the first time).

I used to collect the logs to a syslog daemon but looking at one Sonicwall log is a daunting task much less trying to go through my other 20 (I feel your pain!).

If you come up with something better I would appreciate you passing it back to this thread.