IDR
- From: "no one" <on@xxxxxxx>
- Date: Wed, 27 Sep 2006 13:01:39 -0500
Hi,
I have a BEFSX41 firewall/router.
I was using Wall Watcher to collect the traps and it gave me a good idea of
the traffic going inside and outside. For example, I tracked some spyware
sending data out at 3 am in the morning. It was really nice. However, it is
Windows only. I have moved my management to Linux.
I currently have a new program to watch traffic on the network.
09:52:07:324 ALERTAUDIT: Update: from Clear to Clear at Wed Sep 27 09:52:07
CDT 2006. Alert: 192.168.5.1_TrapsFromRouter_trap : Traffic
..1.3.6.1.4.1.3955.1.1.0: @out TCP from 192.168.5.7:1052 to
www.nokia.com(147.243.3.83):80
.....
09:53:14:394 ALERTAUDIT: Update: from Clear to Clear at Wed Sep 27 09:53:14
CDT 2006. Alert: 192.168.5.1_TrapsFromRouter_trap : Traffic
..1.3.6.1.4.1.3955.1.1.0: @out UDP from 192.168.5.57:123 to
192.36.143.151:123
I would like to collect data like this and put it into a format that
analyzes it like Wall Watcher on Linux.
Any ideas?
I can write a Perl script to capture this to put it into any other format
needed.
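
Added example, not part of the original post or of any tool it names: one way to turn trap entries like the two quoted above into structured records and CSV. The field layout is inferred from those two entries only, the function names are illustrative, and Python is used here rather than the Perl the poster mentions.

```python
import csv, io, re
from collections import Counter

# Constructed sample: the post's two trap entries, wrapped as the mail shows them.
SAMPLE = """\
09:52:07:324 ALERTAUDIT: Update: from Clear to Clear at Wed Sep 27 09:52:07
CDT 2006. Alert: 192.168.5.1_TrapsFromRouter_trap : Traffic
..1.3.6.1.4.1.3955.1.1.0: @out TCP from 192.168.5.7:1052 to
www.nokia.com(147.243.3.83):80
09:53:14:394 ALERTAUDIT: Update: from Clear to Clear at Wed Sep 27 09:53:14
CDT 2006. Alert: 192.168.5.1_TrapsFromRouter_trap : Traffic
..1.3.6.1.4.1.3955.1.1.0: @out UDP from 192.168.5.57:123 to
192.36.143.151:123
"""

# Layout inferred from those two entries only (an assumption); anything else
# the router sends is skipped.
TRAP = re.compile(
    r"at \w{3} (?P<date>\w{3} \d+) (?P<time>[\d:]{8}) \w+ (?P<year>\d{4})\. "
    r"Alert: (?P<router>[\d.]+)_\S+ : Traffic \S+ "
    r"@(?P<direction>\w+) (?P<proto>\w+) from (?P<src>[\d.]+):(?P<sport>\d+) "
    r"to (?:(?P<host>[\w.-]+)\((?P<dst>[\d.]+)\)|(?P<dst_only>[\d.]+)):(?P<dport>\d+)"
)
FIELDS = [f for f in TRAP.groupindex if f != "dst_only"]

def parse_traps(text):
    """One dict per traffic trap; tolerates entries wrapped over lines."""
    records = []
    for m in TRAP.finditer(" ".join(text.split())):   # undo wrapping first
        rec = m.groupdict(default="")
        rec["dst"] = rec.pop("dst_only") or rec["dst"]  # bare-IP destination form
        rec["sport"], rec["dport"] = int(rec["sport"]), int(rec["dport"])
        records.append(rec)
    return records

def to_csv(records):
    """CSV text with one row per trap, ready for a spreadsheet or database."""
    out = io.StringIO()
    writer = csv.DictWriter(out, fieldnames=FIELDS, lineterminator="\n")
    writer.writeheader()
    writer.writerows(records)
    return out.getvalue()

def flows(records):
    """Count traps per (source, protocol, destination name or IP, port)."""
    return Counter((r["src"], r["proto"], r["host"] or r["dst"], r["dport"])
                   for r in records)

if __name__ == "__main__":
    print(to_csv(parse_traps(SAMPLE)), flows(parse_traps(SAMPLE)).most_common())
```

Sorting the `flows` counter, or filtering records by the hour in `time`, gives the per-host and time-of-day view of outbound connections that the post describes.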