Re: iptables log analysis tools
From: Chris Travers (chris@travelamericas.com)
Date: 02/24/03
- Previous message: Tucker, Jason: "RE: HIPAA certs"
- In reply to: Skip Morrow: "iptables log analysis tools"
- Next in thread: Chris Berry: "Re: Permissions scanner"
Date: Mon, 24 Feb 2003 10:51:41 -0800
From: Chris Travers <chris@travelamericas.com>
To: Skip Morrow <skip@pelorus.org>
Skip Morrow wrote:
>ACID is great for analyzing snort logs. Are there any good software
>packages with that kind of power and flexibility for iptables logs?
>I think one place to start would be to find a way to have iptables
>log to a mysql database (like snort does).
>
>
There are several tools-- check Sourceforge. For example, there is
https://sourceforge.net/projects/iptablelog/
I actually maintain one called fwreport which operates directly on the
logfiles themselves. While the 1.1.x release is not that flexible
regarding reporting, the 1.2.x release (due in a week or two) will offer
extremely powerful reporting capabilities without requiring access to
databases, etc. Check it out at http://sourceforge.net/projects/fwreport/
Also if there are any feature requests for fwreport, please feel free to
submit them ;^)
Best Wishes,
Chris Travers