IPFILTER - Understanding log entries
Sheets, Jason (OZ CEEDR)
jason.sheets at hp.com
Mon Sep 13 09:25:01 PDT 2004
If your log is too large I'd carefully evaluate which rules are logging.
>From the goole search: firewall log parsing I received the following
interesting results:
http://www.aetdata.com/tracer/firewalllogtutorial.html talks about
parsing firewall logs
http://www.dixongroup.net/hatchet/ is a tool for parsing OpenBSD PF
logs,
> -----Original Message-----
> From: owner-freebsd-questions at freebsd.org [mailto:owner-freebsd-
> questions at freebsd.org] On Behalf Of Darryl Hoar
> Sent: Monday, September 13, 2004 8:13 AM
> To: freebsd-questions at freebsd.org
> Subject: IPFILTER - Understanding log entries
>
> Greetings,
> I have a machine installed with Freebsd & IPFILTER.
> The machine is setup as a firewall.
>
> The log files generated are large. First, is there a
> tutorial or tool that will process the log file and show
> what the threat is ? (if there is one).
>
> Also, how do others handle the volume of entries in
> the log file ?
>
> thanks,
> Darryl
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-
> unsubscribe at freebsd.org"
More information about the freebsd-questions
mailing list