I'm looking for something i can install on my machine and get the logs from a couple Cisco routers. Whats out there that can connect to my routers and pull logs for quick access without having to go into the SDM?
It would be nice to see some graphs in re: to traffic, attacks, etc.
EDIT: Preferably Windows based. :)
For you basic logs as Cian Says any unix box will do. Just setup your syslog to accept local4 and write that to a file (local4 is the default if i remember correctly, but it is configurable).
As far as graphs, you can use MRTG or cacti. Just setup SNMP on the routers and you should be able to pull interface graphs. The other option is netflow because you are using routers. I tend to only use netflow for one off troubleshooting because switches and PIX/ASA devices don't support it and I like to have all my interface graphs accessible through one interface.
EDIT:
Setting up the syslog to accept syslog messages from the Cisco and have the Cisco send them.
On your syslog server you will need to go into /etc/syslog.conf and make the following changes:
local4.* /var/log/network.log
This tells the syslog server to send all messages it recieves on the local4 facility all priorities to the file /var/log/network.log You can then access that log using the normal unix utilities, cat/more/less/grep - you'll find grep to be the most useful.
One thing to note , you may need to turn on remote logging on your syslog server. This seems to vary between distros so your best bet is to choose a distro and search for how they do it. Personally i recommend ubuntu server.
I normally set the following commands to turn on logging on my cisco devices:
logging facility local4
logging <host to log to>
logging on
For some further reading on syslog here is the Syslog Website
Ciscos can log to a syslog server. Any unix box should come with one.
edit: You set this up with logging host and then logging on, in config mode.
