Re: [fw-wiz] Firewall log analysis tools

From: Bill Royds (broyds_at_rogers.com)
Date: 10/08/03

    To: "Vladimir Parkhaev" <vladimir@arobas.net>
    Date: Wed, 8 Oct 2003 00:38:06 -0400
    
    

    What I would really like is a repository of Perl regexes for various log
    formats (firewall, router, web server syslog etc.).
    I have a fair library of Perl routines to create reports, but figuring out
    the proper regexes to read the logs and generate a hash of values to analyse
    is a real pain.

    ----- Original Message -----
    From: "Vladimir Parkhaev" <vladimir@arobas.net>
    To: <skpoo@pacific.net.sg>
    Cc: <firewall-wizards@honor.icsalabs.com>
    Sent: Tuesday, October 07, 2003 3:55 PM
    Subject: Re: [fw-wiz] Firewall log analysis tools

    Quoting skpoo@pacific.net.sg (skpoo@pacific.net.sg):
    > Hi All, have any of you had experience with Open Source firewall log
    > analysis tools? Your help would be very much appreciated.

    I use perl as my Open Source firewall log analysis tool. It does everything
    you want it to do :)
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
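
A sketch of the kind of regex-to-hash routine the reply above asks for, as an added example that is not part of the original thread: it parses Linux netfilter LOG lines, as they appear in syslog, into a hash of fields and tallies sources and services. The `FW-DROP:` log prefix, the host name `fw1` and the sample lines are constructed assumptions.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Syslog header: "Mon DD HH:MM:SS host kernel: <log-prefix>KEY=VALUE ..."
my $header_re = qr/^(\w{3})\s+(\d{1,2})\s+(\d\d:\d\d:\d\d)\s+(\S+)\s+kernel:\s+(.*)$/;

# Turn one netfilter LOG line into a hash ref; return nothing if it is not one.
sub parse_line {
    my ($line) = @_;
    my ($mon, $day, $time, $host, $rest) = $line =~ $header_re or return;
    return unless $rest =~ /\bIN=/;
    my %rec = (month => $mon, day => $day, time => $time, host => $host);
    # Text before IN= is the rule's --log-prefix (assumed "FW-DROP:" here).
    ($rec{prefix}) = $rest =~ /^(.*?)\s*\bIN=/;
    # KEY=VALUE pairs; a value may be empty, as in "OUT=".
    $rec{$1} = $2 while $rest =~ /\b([A-Z]+)=(\S*)/g;
    return \%rec;
}

my (%by_src, %by_service);
my $unparsed = 0;
while (my $line = <DATA>) {
    chomp $line;
    my $rec = parse_line($line);
    unless ($rec) { $unparsed++; next }    # count misses, never drop them silently
    my $service = ($rec->{PROTO} // '?') . '/' . ($rec->{DPT} // '-');
    $by_src{ $rec->{SRC} // '?' }++;
    $by_service{$service}++;
}

for my $tally ([source => \%by_src], [service => \%by_service]) {
    my ($label, $count) = @$tally;
    for my $key (sort { $count->{$b} <=> $count->{$a} || $a cmp $b } keys %$count) {
        printf "%-8s %-16s %d\n", $label, $key, $count->{$key};
    }
}
print "unparsed lines: $unparsed\n";

# Constructed sample input below (documentation address ranges), not real traffic.
__DATA__
Oct  7 15:55:01 fw1 kernel: FW-DROP: IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4711 DF PROTO=TCP SPT=40112 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Oct  7 15:55:03 fw1 kernel: FW-DROP: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4712 DF PROTO=TCP SPT=40113 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
Oct  7 15:56:10 fw1 kernel: FW-DROP: IN=eth0 OUT= SRC=203.0.113.77 DST=198.51.100.5 LEN=84 TOS=0x00 PREC=0x00 TTL=49 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=100 SEQ=1
Oct  7 15:56:11 fw1 kernel: eth0: link up
```

Reporting the unparsed count shows when a format change or an unexpected record type has left part of the log unread.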


