Linux Netfilter discussions
* iptables log analysis tool
@ 2003-09-29 11:40 Afshin Lamei
  2003-09-29 13:29 ` rcriggs
  0 siblings, 1 reply; 5+ messages in thread
From: Afshin Lamei @ 2003-09-29 11:40 UTC (permalink / raw)
  To: netfilter

hi all,
I want to analyse the iptables log files (using LOG and/or ULOG target). 
please help me find a proper tool for this, which can generate some graphs 
using the log files.
regards
afshin




^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: iptables log analysis tool
  2003-09-29 11:40 iptables log analysis tool Afshin Lamei
@ 2003-09-29 13:29 ` rcriggs
  0 siblings, 0 replies; 5+ messages in thread
From: rcriggs @ 2003-09-29 13:29 UTC (permalink / raw)
  To: Afshin Lamei; +Cc: netfilter

If you don't mind setting up and using mysql use snort/acid.  Great
combination for intrusion detection.

Afshin Lamei wrote:

> hi all,
> I want to analyse the iptables log files (using LOG and/or ULOG 
> target). please help me find a proper tool for this, which can 
> generate some graphs using the log files.
> regards
> afshin




^ permalink raw reply	[flat|nested] 5+ messages in thread

* RE: iptables log analysis tool
@ 2003-09-29 22:41 George Vieira
  2003-09-30  2:52 ` cc
  0 siblings, 1 reply; 5+ messages in thread
From: George Vieira @ 2003-09-29 22:41 UTC (permalink / raw)
  To: Afshin Lamei, netfilter

>which can generate some graphs using the log files.

this is a small project I'm working on using php (easier/quicker to make changes) and mysql to store the data in the event of a reboot/etc...

http://mrtg.citadelcomputer.com.au

some of the above graphs are just scripts while others are using my mysql-iptables.php script to gather the `iptables -L -t $table -v -n -x` information.

Thanks,
____________________________________________
George Vieira
Systems Manager
georgev@citadelcomputer.com.au

Citadel Computer Systems Pty Ltd
http://www.citadelcomputer.com.au

Phone   : +61 2 9955 2644
HelpDesk: +61 2 9955 2698
 

-----Original Message-----
From: Afshin Lamei [mailto:linux_st@hotmail.com]
Sent: Monday, 29 September 2003 9:41 PM
To: netfilter@lists.netfilter.org
Subject: iptables log analysis tool


hi all,
I want to analyse the iptables log files (using LOG and/or ULOG target). 
please help me find a proper tool for this, which can generate some graphs 
using the log files.
regards
afshin





^ permalink raw reply	[flat|nested] 5+ messages in thread
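
The counter-polling approach George describes, as an added example (not his mysql-iptables.php and not part of the original thread): it parses `iptables -L -t $table -v -n -x` output into per-rule packet/byte counters and turns two polls into a graphable delta, treating a counter that went down as a reset such as a reboot. The sample output and all function names are constructed for illustration, and it assumes every rule has a target.

```python
import re

# Constructed stand-in for `iptables -L -t filter -v -n -x` output (not real data).
def sample(ssh_pkts, ssh_bytes, drop_pkts, drop_bytes):
    return f"""Chain INPUT (policy DROP {drop_pkts} packets, {drop_bytes} bytes)
    pkts      bytes target     prot opt in     out     source               destination
     120    10080 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
{ssh_pkts:>8} {ssh_bytes:>10} ACCEPT     tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0           tcp dpt:22

Chain allowed (1 references)
    pkts      bytes target     prot opt in     out     source               destination
"""

CHAIN_RE = re.compile(
    r"^Chain (\S+) \((?:policy (\S+) (\d+) packets, (\d+) bytes|\d+ references)\)")

def parse_counters(text, table="filter"):
    """Return {(table, chain, rule_text): (packets, bytes)} for one poll."""
    counters, chain = {}, None
    for line in text.splitlines():
        m = CHAIN_RE.match(line)
        if m:
            chain = m.group(1)
            if m.group(2):  # built-in chain: keep its policy counters too
                counters[(table, chain, "policy " + m.group(2))] = (int(m.group(3)), int(m.group(4)))
            continue
        f = line.split()
        # -x prints exact integers (no K/M suffixes), so isdigit() finds rule rows.
        if chain is None or len(f) < 9 or not f[0].isdigit():
            continue  # blank line or column header
        # Key on the rule text rather than its position, so inserting a rule
        # does not shift history. Assumption: every rule has a target column.
        key = (table, chain, " ".join(f[2:]))
        pk, by = counters.get(key, (0, 0))  # identical rules are summed
        counters[key] = (pk + int(f[0]), by + int(f[1]))
    return counters

def deltas(prev, curr):
    """Per-interval increase of each counter between two polls."""
    out = {}
    for key, (pk, by) in curr.items():
        ppk, pby = prev.get(key, (0, 0))
        if pk < ppk or by < pby:  # counter went down: reboot, -Z or reload
            ppk, pby = 0, 0       # count from zero instead of going negative
        out[key] = (pk - ppk, by - pby)
    return out

if __name__ == "__main__":
    before = parse_counters(sample(45, 2700, 10, 600))
    after = parse_counters(sample(60, 3600, 12, 720))
    for key, d in deltas(before, after).items():
        print(key, d)
```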

* Re: iptables log analysis tool
  2003-09-29 22:41 George Vieira
@ 2003-09-30  2:52 ` cc
  2003-10-10 19:08   ` Arnt Karlsen
  0 siblings, 1 reply; 5+ messages in thread
From: cc @ 2003-09-30  2:52 UTC (permalink / raw)
  To: George Vieira; +Cc: netfilter

George Vieira wrote:

>>which can generate some graphs using the log files.
> 
> 
> this is a small project I'm working on using php
> (easier/quicker to make changes) and mysql to store the data in
> the event of a reboot/etc...
> 
> http://mrtg.citadelcomputer.com.au

That's quite an impressive collection of graphs, George.  When
I get the chance I hope to get the logging done on my
firewall.  Currently it's using Snort/acid but right now
having some issues with ACID.  (but that's pretty
much OT here.. :))

But what is On topic is how do you prune your logs?

Thanks








^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: iptables log analysis tool
  2003-09-30  2:52 ` cc
@ 2003-10-10 19:08   ` Arnt Karlsen
  0 siblings, 0 replies; 5+ messages in thread
From: Arnt Karlsen @ 2003-10-10 19:08 UTC (permalink / raw)
  To: netfilter

On Tue, 30 Sep 2003 10:52:30 +0800, 
cc <cc@belfordhk.com> wrote in message 
<3F78EFEE.5040502@belfordhk.com>:

> George Vieira wrote:
> 
> >>which can generate some graphs using the log files.
> > 
> > 
> > this is a small project I'm working on using php
> > (easier/quicker to make changes) and mysql to store the data in
> > the event of a reboot/etc...
> > 
> > http://mrtg.citadelcomputer.com.au
> 
> That's quite an impressive collection of graphs, George.  When
> I get the chance I hope to get the logging done on my
> firewall.  Currently it's using Snort/acid but right now
> having some issues with ACID.  (but that's pretty
> much OT here.. :))

..I think I can handle an OT url to George's cute 
/etc/mrtg/mrtg.cfg to get us started.  ;-)

> But what is On topic is how do you prune your logs?
> 
> Thanks

..hear, hear!  :-)

-- 
..med vennlig hilsen = with Kind Regards from Arnt... ;-)
...with a number of polar bear hunters in his ancestry...
  Scenarios always come in sets of three: 
  best case, worst case, and just in case.




^ permalink raw reply	[flat|nested] 5+ messages in thread
