On 9/1/05, Devdas Bhagat <devdas@private> wrote:
>
> http://logrep.sourceforge.net/
> http://www.freshmeat.net/projects/fwanalog/
> http://iptablelog.sourceforge.net/
> RedHat has its own log analysis thing. The questioner may also prefer to
> install Snort + ACID on the same host.

There is a script that dumps iptables logs into the ACID database:
http://www.snort.org/dl/contrib/other_logs/logsnorter-0.2.tar.gz

You might have to modify it, though, to match any specific log-prefix you are
using, as a friend of mine has done for honeynet's log format, as described
here: http://www.itvc.net/sotm30/wiki/index268d.html?page=logsnorter

Cheers,
Daniele

_______________________________________________
LogAnalysis mailing list
LogAnalysis@private
http://lists.shmoo.com/mailman/listinfo/loganalysis

This archive was generated by hypermail 2.1.3 : Mon Sep 05 2005 - 09:02:51 PDT