Hello all,

I'm trying to teach myself log analysis by trying the Honeynet Challenge 34.

It consists of:

http access logs
http error logs
http ssl_error logs
iptables log
snort log
syslog mail log
syslog messages
and syslog secure log

Now I want to mush these all together and sort each line chronologically so I can reconstruct a sequence of events.

The problem I'm having is that:

a. the date format is different between logs
b. the placement of the date within the line is different in the http error logs.

What I've done so far:

I've tried to concatenate logs earliest-->latest
tried importing into Excel and sorting there....
I've googled around looking for log correlation, analysis etc.
I've poked through the archives to this list---why is there no search capability for the list archive?

Basically the formatting problems are driving me nuts. Can anyone point me in the direction of a tool/methodology I can use to do this? I'd be most grateful.

Jim
_______________________________________________
LogAnalysis mailing list
LogAnalysis@private
http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2.1.3 : Thu Dec 15 2005 - 19:29:28 PST
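
An added example, not part of the original post: one way to handle both problems in the message above (different date formats, and the date sitting in a different place in the http error log) is to pull the timestamp out of each line with a per-format regex, normalize it, and sort the merged lines. It assumes the stock Apache access/error and syslog layouts, an English locale for month names, all logs written by one host in one time zone, and a caller-supplied year for syslog lines; the function names and sample lines are constructed for illustration.

```python
import re
from datetime import datetime

# Each entry: (regex capturing the timestamp, strptime format).
# These are the stock Apache and syslog layouts (assumed for these logs).
FORMATS = [
    # Apache error log: "[Sat Mar 12 06:25:30 2005] [error] ..."
    (re.compile(r"^\[(\w{3} \w{3} +\d{1,2} \d\d:\d\d:\d\d \d{4})\]"),
     "%a %b %d %H:%M:%S %Y"),
    # syslog (messages, secure, maillog, iptables): "Mar 12 06:25:27 host ..."
    # The line carries no year, so the caller supplies one.
    (re.compile(r"^(\w{3} +\d{1,2} \d\d:\d\d:\d\d) "), "%Y %b %d %H:%M:%S"),
    # Apache access log: '... [12/Mar/2005:06:25:24 -0500] "GET ...'
    (re.compile(r"\[(\d\d/\w{3}/\d{4}:\d\d:\d\d:\d\d [+-]\d{4})\]"),
     "%d/%b/%Y:%H:%M:%S %z"),
]

def parse_timestamp(line, syslog_year):
    """Return a naive local-time datetime for the line, or None."""
    for rx, fmt in FORMATS:
        m = rx.search(line)
        if m:
            text = m.group(1)
            if fmt.startswith("%Y "):      # syslog: prepend the missing year
                text = f"{syslog_year} {text}"
            # Drop the access-log offset so every source is local wall-clock time.
            return datetime.strptime(text, fmt).replace(tzinfo=None)
    return None

def merge_logs(sources, syslog_year):
    """sources: {name: [lines]}. Returns (timeline, unparsed)."""
    timeline, unparsed = [], []
    for name, lines in sources.items():
        for line in lines:
            ts = parse_timestamp(line, syslog_year)
            (timeline if ts else unparsed).append((ts, name, line.rstrip("\n")))
    timeline.sort(key=lambda e: e[0])      # stable: ties keep input order
    return timeline, unparsed

# Constructed sample lines, not taken from the challenge data.
SAMPLE = {
    "access_log": ['10.0.0.5 - - [12/Mar/2005:06:25:24 -0500] "GET / HTTP/1.1" 200 512'],
    "error_log": ["[Sat Mar 12 06:25:30 2005] [error] [client 10.0.0.5] File does not exist: /var/www/html/x",
                  "    continuation line without a timestamp"],
    "messages": ["Mar 12 06:25:27 host1 sshd[411]: Connection from 10.0.0.5",
                 "Mar  2 01:00:00 host1 syslogd: restart"],
}

if __name__ == "__main__":
    for ts, name, line in merge_logs(SAMPLE, 2005)[0]:
        print(ts.isoformat(sep=" "), f"{name:<10}", line)
```

Lines that match no known format are returned separately rather than dropped, so multi-line entries and unexpected formats can be reviewed by hand; clock skew between hosts is not corrected.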