LinuxQuestions.org


ddaas 06-17-2005 02:13 AM

IPTables Log Analyzer
 
Hi, I want a program which displays iptables logs in a nice format in the browser.
Something like BASE does for snort alerts.

I found IPTables Log Analyzer ( http://www.gege.org/iptables/ ), but it is only a beta version and I don't like this.
There is also sawmill ( www.sawmill.net ). I've installed it, but I don't like it very much and it's not free.

Does anybody use IPTables Log Analyzer?

What do you use?

hardcorelinux 06-17-2005 08:12 AM

fwanalog

fwanalog is a shell script that parses and summarizes firewall logfiles.

http://tud.at/programm/fwanalog/


Logrep is a secure multi-platform framework for the collection, extraction, and presentation of information from various log files. It features HTML reports, multi dimensional analysis, overview pages, SSH communication, and graphs, and supports 18 popular systems including Snort, Squid, Postfix, Apache, Sendmail, syslog, ipchains, iptables, NT event logs, Firewall-1, wtmp, xferlog, Oracle listener and Pix.

http://www.l0t3k.net/tools/Loganalys...e-1.4.2.tar.gz

IPTables log analyzer (TODO : find a nice name for it) displays Linux 2.4 iptables logs (rejected, accepted, masqueraded packets...) in a nice HTML page (it supports rough netfilter logs but also Shorewall and Suse Firewall logs).

http://www.l0t3k.net/tools/Loganalys...er_v0.4.tar.gz

fwanalog is a shell script that parses and summarizes firewall logfiles. It currently (version 0.6.4pre4) understands logs from ipf (tested with OpenBSD 2.8's and 2.9's ipf, also FreeBSD, NetBSD and Solaris 8 with ipf), OpenBSD 3.x pf, Linux 2.2 ipchains, Linux 2.4 iptables, some ZyXEL/NetGear routers and (experimentally) Cisco PIX, Watchguard Firebox and Firewall-One (not NG!) firewalls.

http://www.tud.at/

ddaas 06-18-2005 02:10 AM

thanks,
I will try them.

Kamikazee 06-25-2005 02:36 AM

Newb Question.

I downloaded the file http://www.l0t3k.net/tools/Loganaly...ce-1.4.2.tar.gz , what do I do with it.. yes it sounds stupid... But I untarred it.. then what?

ddaas 06-26-2005 07:21 AM

For a new program you want to install, you have to read:
1) README
2) INSTALL
3) HOWTO
4) Search on GOOGLE


All times are GMT -5.