Re: [logs] log analysis of netfilter entries?

• Previous message: Steve Wray: "[logs] log analysis of netfilter entries?"
• In reply to: Steve Wray: "[logs] log analysis of netfilter entries?"
• Next in thread: Steve Wray: "RE: [logs] log analysis of netfilter entries?"
• Reply: Steve Wray: "RE: [logs] log analysis of netfilter entries?"
• Reply: Chris Brenton: "Re: [logs] log analysis of netfilter entries?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Dec 04, 2001 at 01:55:52PM +1300, Steve Wray wrote:
> Hmmm...
> I use acid to analyse my snort alerts,
> something like that for netfilter log entries
> would be nice!

Sounds like you need logsnorter. Dumps some Firewall syslog entries into
snort's backend SQL databases...

Support Linux ipfwadm, ipchains, iptables as well as Cisco ACLs...

It's listed on the download page of www.snort.org

-- 
Cheers

Jason Haar

Information Security Manager
Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417

---------------------------------------------------------------------
To unsubscribe, e-mail: loganalysis-unsubscribeat_private
For additional commands, e-mail: loganalysis-helpat_private

• Next message: Tina Bird: "[logs] Due Diligence for Admission in Court"
• Previous message: Steve Wray: "[logs] log analysis of netfilter entries?"
• In reply to: Steve Wray: "[logs] log analysis of netfilter entries?"
• Next in thread: Steve Wray: "RE: [logs] log analysis of netfilter entries?"
• Reply: Steve Wray: "RE: [logs] log analysis of netfilter entries?"
• Reply: Chris Brenton: "Re: [logs] log analysis of netfilter entries?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Dec 03 2001 - 19:37:27 PST