> Does anyone know of a command line tool for searching
> through a proprietary FW1 log?
> We want to set up a stand alone station for searching
> through syslogs and log files from various firewalls.
> I can't seem to find a tool for the FW1 binary log. I
> know checkpoint allows command level searching on
> the active firewall, but these files have been moved
> to a central server.

Hi Greg -

I haven't been on a FW-1 box in a couple of years, but the last time I did, Checkpoint provided a utility for converting the binary log format to regular old text:

    $FWDIR/bin/fw log

so this bit of highly complex scripting gets the data to the local syslog, and thence to your loghost:

    $FWDIR/bin/fw log -tf | /bin/logger -p local5.info

(or whatever you want for logger).

Does that work?

cheers - tbird

_______________________________________________
LogAnalysis mailing list
LogAnalysis@private
http://lists.shmoo.com/mailman/listinfo/loganalysis