LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 01-28-2009, 10:12 AM   #1
unyalli
LQ Newbie
 
Registered: Nov 2006
Posts: 1

Rep: Reputation: 0
is it possible to modify what is logged with iptables


For instance take this line:

Jan 28 09:01:11 server kernel: [6804567.261307] NTP in IN=eth1 OUT= MAC=00:02:a5:8b:10:9e:00:22:90:c1:ce:37:08:00 SRC=***.***.***.*** DST=***.***.***.*** LEN=76 TOS=0x00 PREC=0xC0 TTL=255 ID=0 PROTO=UDP SPT=123 DPT=123 LEN=56

and make it look like this:

Jan 28 09:01:11 NTP in IN=eth1 OUT= SRC=***.***.***.*** DST=***.***.***.*** PROTO=UDP SPT=123 DPT=123

the NTP in comes from --log-prefix "NTP in "

Thanks
 
Old 01-28-2009, 01:56 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,335
Blog Entries: 55

Rep: Reputation: 3535Reputation: 3535Reputation: 3535Reputation: 3535Reputation: 3535Reputation: 3535Reputation: 3535Reputation: 3535Reputation: 3535Reputation: 3535Reputation: 3535
Hello and welcome to LQ. Hope you like it here.

You can't (and shouldn't) in the logfile itself, but with 'cut' or 'awk' you could select fields, like 'awk '/ntp/ {print $1, $2, $3, $4, $5}' /path/to/logfile'.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
modify firewall (Iptables) using perl CGI ngwasuma Linux - Networking 2 05-30-2006 10:11 AM
Modify lilo.conf when not logged in as root BadBigShot Linux - Newbie 7 03-27-2004 11:09 AM
iptables and limiting the number of times an event gets logged drexel Linux - Security 3 02-09-2004 08:59 AM
which iptables to modify? I have 3. cpv204 Fedora 7 12-14-2003 12:44 PM


All times are GMT -5. The time now is 11:11 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration