
SANS ISC: InfoSec Handlers Diary Blog



What is your firewall log telling you - responses

Published: 2010-03-05
Last Updated: 2010-03-05 21:10:47 UTC
by Kyle Haugsness (Version: 1)

Responses to our earlier diary entries regarding firewall log parsing (story1 and story2) have been trickling in. 

Reader Matthias has some small awk/shell scripts for parsing iptables log files that he shared here: http://sister-shadow.de/hotlink/isc/log-scripts.tar.gz

And reader Christian recommends using Prelude LML (log monitor lackey): http://www.prelude-technologies.com/en/welcome/index.html

Update #1: An anonymous reader also suggests http://www.loganalysis.org/.

-Kyle Haugsness

Keywords: firewall log