Date: Mon, 13 Sep 2004 10:26:31 -0600
From: "Sheets, Jason (OZ CEEDR)" <jason.sheets@hp.com>
To: <darryl@osborne-ind.com>, <freebsd-questions@freebsd.org>
Subject: RE: IPFILTER - Understanding log entries
Message-ID: <2D8BB15C7B5C214F81C32D3A83B3273601186362@idbexc01.americas.cpqcorp.net>

If your log is too large I'd carefully evaluate which rules are logging.

From the Google search: firewall log parsing I received the following
interesting results:

http://www.aetdata.com/tracer/firewalllogtutorial.html talks about
parsing firewall logs

http://www.dixongroup.net/hatchet/ is a tool for parsing OpenBSD PF
logs,

> -----Original Message-----
> From: owner-freebsd-questions@freebsd.org
> [mailto:owner-freebsd-questions@freebsd.org] On Behalf Of Darryl Hoar
> Sent: Monday, September 13, 2004 8:13 AM
> To: freebsd-questions@freebsd.org
> Subject: IPFILTER - Understanding log entries
>
> Greetings,
> I have a machine installed with FreeBSD & IPFILTER.
> The machine is set up as a firewall.
>
> The log files generated are large. First, is there a
> tutorial or tool that will process the log file and show
> what the threat is? (if there is one).
>
> Also, how do others handle the volume of entries in
> the log file?
>
> thanks,
> Darryl
>
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe@freebsd.org"
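
Added example (not part of the original message or of either linked tool): a small Python tally for the advice above to evaluate which rules are logging. It counts entries per `@group:rule` and lists the most frequent blocked sources, assuming the packet-line layout ipmon(8) writes through syslog; the sample lines, host name, addresses and rule numbers are constructed.

```python
import re
from collections import Counter

# Constructed sample lines in the syslog form ipmon(8) writes; addresses are
# documentation ranges and the rule numbers are made up for illustration.
SAMPLE_LOG = """\
Sep 13 08:01:02 fw ipmon[214]: 08:01:01.104882 fxp0 @0:12 b 192.0.2.44,3312 -> 198.51.100.5,445 PR tcp len 20 48 -S IN
Sep 13 08:01:02 fw ipmon[214]: 08:01:02.220191 fxp0 @0:12 b 192.0.2.44,3313 -> 198.51.100.5,445 PR tcp len 20 48 -S IN
Sep 13 08:01:05 fw ipmon[214]: 08:01:04.912003 2x fxp0 @0:3 p 198.51.100.5,1025 -> 203.0.113.9,53 PR udp len 20 61 OUT
Sep 13 08:01:09 fw ipmon[214]: 08:01:09.000417 fxp0 @0:12 b 192.0.2.77,4100 -> 198.51.100.5,135 PR tcp len 20 48 -S IN
Sep 13 08:01:11 fw ipmon[214]: 08:01:10.554120 fxp0 @0:7 b 192.0.2.44 -> 198.51.100.5 PR icmp len 20 84 icmp echo/0 IN
Sep 13 08:01:12 fw newsyslog[301]: logfile turned over
"""

# time, optional "Nx" repeat count, interface, @group:rule, action letter
# (p = passed, b = blocked), src[,port] -> dst[,port], PR protocol
LINE_RE = re.compile(
    r"ipmon\[\d+\]: \S+ (?:(?P<count>\d+)x )?(?P<iface>\S+) "
    r"@(?P<group>\d+):(?P<rule>\d+) (?P<action>\S) "
    r"(?P<src>[^,\s]+)(?:,(?P<sport>\S+))? -> (?P<dst>[^,\s]+)(?:,(?P<dport>\S+))? "
    r"PR (?P<proto>\S+)"
)

def summarize(text):
    """Return (entries per rule/action, blocked entries per src/proto/dport)."""
    per_rule, blocked = Counter(), Counter()
    for line in text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # not an ipmon packet line (e.g. log rotation notice)
        n = int(m["count"] or 1)  # "2x" prefix: identical packet logged twice
        per_rule[(f"@{m['group']}:{m['rule']}", m["action"])] += n
        if m["action"] == "b":
            # ICMP lines carry no port, so dport is None for them
            blocked[(m["src"], m["proto"], m["dport"])] += n
    return per_rule, blocked

if __name__ == "__main__":
    per_rule, blocked = summarize(SAMPLE_LOG)
    for (rule, action), n in per_rule.most_common():
        print(f"{n:6d}  {rule:8s} action={action}")
    for (src, proto, dport), n in blocked.most_common(5):
        print(f"{n:6d}  blocked {src} -> {proto}/{dport}")
```

A rule that dominates the first list is the candidate for dropping its `log` keyword or narrowing its match; the second list shows which blocked sources and destination ports account for the volume.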