IPFILTER - Understanding log entries
Sheets, Jason (OZ CEEDR)
jason.sheets at hp.com
Mon Sep 13 09:25:01 PDT 2004
If your log is too large, I'd carefully evaluate which rules are logging.
From the Google search "firewall log parsing" I received the following:
http://www.aetdata.com/tracer/firewalllogtutorial.html talks about parsing firewall logs
http://www.dixongroup.net/hatchet/ is a tool for parsing OpenBSD PF
> -----Original Message-----
> From: owner-freebsd-questions at freebsd.org [mailto:owner-freebsd-
> questions at freebsd.org] On Behalf Of Darryl Hoar
> Sent: Monday, September 13, 2004 8:13 AM
> To: freebsd-questions at freebsd.org
> Subject: IPFILTER - Understanding log entries
> I have a machine installed with FreeBSD & IPFILTER.
> The machine is set up as a firewall.
> The log files generated are large. First, is there a
> tutorial or tool that will process the log file and show
> what the threat is? (if there is one).
> Also, how do others handle the volume of entries in
> the log file?
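One way to see which rules are producing the log volume, as an added example that is not part of either message in this thread: a small parser for ipmon log lines that tallies packets per rule and blocked packets per source. The field layout follows ipmon(8); the sample lines are constructed, and the names `parse` and `summarize` are hypothetical.

```python
import re
from collections import Counter

# Field order per ipmon(8): time, [Nx repeat count], interface, @group:rule,
# action (p=pass, b=block, S=short, n=no match, L=log rule), src -> dst, PR proto.
ENTRY = re.compile(
    r"(?P<time>\d\d:\d\d:\d\d\.\d+)\s+(?:(?P<count>\d+)x\s+)?(?P<ifname>\S+)\s+"
    r"@(?P<rule>\d+:\d+)\s+(?P<action>[pbSnL])\s+"
    r"(?P<src>\S+)\s+->\s+(?P<dst>\S+)\s+PR\s+(?P<proto>\S+)"
)

# Constructed sample lines (documentation addresses), not taken from the thread.
SAMPLE = """\
Sep 13 09:20:01 fw ipmon[211]: 09:20:00.512345 fxp0 @0:12 b 192.0.2.10,4312 -> 198.51.100.5,135 PR tcp len 20 48 -S IN
Sep 13 09:20:02 fw ipmon[211]: 09:20:01.100200 fxp0 @0:12 b 192.0.2.10,4313 -> 198.51.100.5,445 PR tcp len 20 48 -S IN
Sep 13 09:20:05 fw ipmon[211]: 09:20:04.000100 3x fxp0 @0:12 b 203.0.113.7,1026 -> 198.51.100.5,1434 PR udp len 20 404 IN
Sep 13 09:20:09 fw ipmon[211]: 09:20:08.730000 fxp0 @0:4 p 198.51.100.5,51000 -> 192.0.2.53,53 PR udp len 20 60 OUT
Sep 13 09:20:11 fw ipmon[211]: 09:20:10.250000 fxp0 @0:15 b 192.0.2.10 -> 198.51.100.5 PR icmp len 20 84 icmp echo/0 IN
Sep 13 09:20:12 fw sshd[300]: unrelated syslog line
"""

def parse(line):
    """Return the fields of one ipmon entry as a dict, or None if it is not one."""
    m = ENTRY.search(line)
    if m is None:
        return None
    rec = m.groupdict()
    rec["count"] = int(rec["count"] or 1)        # "3x" means three identical packets
    rec["src_ip"] = rec["src"].split(",")[0]     # ICMP entries carry no ",port"
    rec["dst_port"] = rec["dst"].partition(",")[2] or None
    return rec

def summarize(lines):
    """Tally packets per (rule, action), blocked packets per source, unparsed lines."""
    per_rule, blocked_src, skipped = Counter(), Counter(), 0
    for line in lines:
        rec = parse(line)
        if rec is None:
            skipped += 1
            continue
        per_rule[(rec["rule"], rec["action"])] += rec["count"]
        if rec["action"] == "b":
            blocked_src[rec["src_ip"]] += rec["count"]
    return per_rule, blocked_src, skipped

if __name__ == "__main__":
    rules, sources, skipped = summarize(SAMPLE.splitlines())
    for (rule, action), n in rules.most_common():
        print(f"rule @{rule} action {action}: {n} packets")
    print("top blocked sources:", sources.most_common(3), "| skipped:", skipped)
```

The rule that dominates the per-rule tally is the first candidate for dropping its `log` keyword or narrowing its match.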