I have a pix firewall(515 I believe) and every day at lunch and again at the end of the day the Inet slows to a crawl. It is obviously a user or group of users downloading a chunk of something. We have a full T1 and during work hours, it functions fine. I would like to get some software to possibly monitor the firewall and then point out the heaviest user's IP. I have been playing around with syslogd, but have not found a good way to cull through the log once it is written out. I also have tried sawmill, and while it is a step in the right direction, it is hard to believe there isn't a more direct way to figure it out. Any thoughts? I have the powers above ready to buy if I can find the right piece of software. thanks for your help.
- posted
17 years ago