That's a good question. My old 6.1 logs are the same as you described. I am now on 6.2 and bytes and duration are part of the message (%PIX-6-302016 on 6.2) -----Original Message----- From: Wajih-ur-Rehman [mailto:wrehmanat_private] Sent: Wednesday, July 16, 2003 8:49 AM To: loganalysisat_private Subject: [logs] regarding %PIX-6-302006: Hello all, I am trying to analyze PIX (6.1) logs. I am facing a problem regarding the following: %PIX-6-302006: Teardown UDP connection for faddr faddr/fport gaddr gaddr/gport laddr laddr/lport Explanation This is a connection-related message. This message is logged when a UDP connection is terminated. The duration and byte count for the session are reported. If the connection required authentication, the username is also reported in the last field of the message. This message is used by the PIX Firewall Manager to generate reports. The explanation says, that it logs the duration and bytes as well but in my logs, i dont find even a single entry with duration and bytes. Any help would be greatly appreciated. Best Regards Wajih-ur-Rehman _______________________________________________ LogAnalysis mailing list LogAnalysisat_private http://lists.shmoo.com/mailman/listinfo/loganalysis _______________________________________________ LogAnalysis mailing list LogAnalysisat_private http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2b30 : Fri Jul 18 2003 - 12:37:01 PDT