  1. #1
    Just Joined!
    Join Date
    Nov 2005
    Posts
    15

    log analysis tips needed..


    I analyse the daily PIX logs using fwanalog. It takes a lot of time but the result is really good and easy to parse. But since I am new to security analysis, I'd need tips for the same. It's been only 2 days since I started using fwanalog. I started off by making a note of the IPs blocked at unknown ports, but now I have streamlined my analysis by looking at the pattern as to the date and time of the block.
    Pls submit your tips so that I can be fast at analysing them. I spend 3-4 hrs doing only log analysis when I have more important things to do.

    TIA
    Punter

  2. #2
    Just Joined!
    Join Date
    Dec 2005
    Posts
    5
    Check out Sawmill. It's not free, but creating queries on the fly is easy and fast. We use it for parsing all sorts of logs (web, radius, firewall, maillog, etc).

  3. #3
    Just Joined!
    Join Date
    Nov 2005
    Posts
    15
    Any pointers to good articles would be helpful.
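
The manual triage described in the first post (blocked source IPs on unknown ports, then the time-of-day pattern) can be scripted. This is an added example, not code from the thread or from fwanalog; the sample lines are constructed in the style of PIX "Deny" syslog message 106023, and `EXPECTED_PORTS`, `summarize` and `top_sources` are assumed names and values to adapt to your own site.

```python
import re
from collections import Counter, defaultdict

# Constructed sample lines in the style of PIX syslog (not real traffic).
SAMPLE = """\
Nov 21 02:14:07 pix %PIX-4-106023: Deny tcp src outside:203.0.113.9/4431 dst inside:192.0.2.10/1433 by access-group "outside_in"
Nov 21 02:14:09 pix %PIX-4-106023: Deny tcp src outside:203.0.113.9/4432 dst inside:192.0.2.11/1433 by access-group "outside_in"
Nov 21 02:15:40 pix %PIX-4-106023: Deny tcp src outside:203.0.113.9/4440 dst inside:192.0.2.12/3389 by access-group "outside_in"
Nov 21 09:30:01 pix %PIX-4-106023: Deny tcp src outside:198.51.100.7/51000 dst inside:192.0.2.10/80 by access-group "outside_in"
Nov 21 14:02:55 pix %PIX-4-106023: Deny udp src outside:198.51.100.44/53 dst inside:192.0.2.10/6881 by access-group "outside_in"
Nov 21 14:03:10 pix %PIX-6-302013: Built inbound TCP connection 1 for outside:198.51.100.7/51001 (198.51.100.7/51001) to inside:192.0.2.10/80 (192.0.2.10/80)
"""

# Assumption: ports this site publishes; denies to anything else count as "unknown".
EXPECTED_PORTS = {25, 53, 80, 443}

DENY = re.compile(
    r"^\w{3}\s+\d+\s+(?P<hour>\d{2}):\d{2}:\d{2}\s.*%PIX-\d-106023: Deny (?P<proto>\w+) "
    r"src \S+?:(?P<src>[\d.]+)/\d+ dst \S+?:(?P<dst>[\d.]+)/(?P<dport>\d+)"
)

def summarize(text, expected=EXPECTED_PORTS):
    """Per source IP: denied hits on unexpected ports, ports tried, targets, hours seen."""
    report = defaultdict(lambda: {"hits": 0, "ports": set(), "targets": set(), "hours": Counter()})
    for line in text.splitlines():
        m = DENY.match(line)
        if not m or int(m["dport"]) in expected:
            continue  # not a deny line, or a deny on a port we already understand
        entry = report[m["src"]]
        entry["hits"] += 1
        entry["ports"].add(int(m["dport"]))
        entry["targets"].add(m["dst"])
        entry["hours"][m["hour"]] += 1
    return dict(report)

def top_sources(report, n=10):
    """Rank by distinct targets, then ports, then hits, so sweeps rise above one-off noise."""
    def breadth(ip):
        return (len(report[ip]["targets"]), len(report[ip]["ports"]), report[ip]["hits"])
    return sorted(report, key=breadth, reverse=True)[:n]

if __name__ == "__main__":
    rep = summarize(SAMPLE)
    for ip in top_sources(rep):
        e = rep[ip]
        print(ip, e["hits"], sorted(e["ports"]), len(e["targets"]), dict(e["hours"]))
```

Reading the ranked list first and only then opening the raw lines for the top few sources is what cuts the review time; one source touching several hosts on the same port within a few minutes is the pattern worth a closer look.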
