[logs] Checkpoint ng-1

From: Tyler, Grayling (ggtyler@private)
Date: Wed Sep 08 2004 - 11:48:29 PDT


 

A couple of questions for the list: while the GUI is great for some, I
prefer to use (insert favorite scripting language here) to parse the
logs into reports.  While looking at the NG-1 logs I've found that you
have to extract them using the 'fwm logexport' command.  Once extracted
I found that the audit log (fw.adtlog) appears to list objects by name
followed by a number (guid?) i.e. "...node1234, host_plain,
network_objects,Create,{939F6E91-33D1-4562-B791-BDC7218AD88E}".  My
questions are: 1) Is there a way to default the logs to text format as
they are collected? 2) Am I correct in the assumption that the number
corresponds to the object listed (or is there more information that can
be gleaned from the number, and if so, how)?

 

Any additional tips or insight you'd care to add would be appreciated as
well.

 

Thanks





_______________________________________________
LogAnalysis mailing list
LogAnalysis@private
http://lists.shmoo.com/mailman/listinfo/loganalysis


