- 12-26-2005 #1 Just Joined!
- Join Date
- Nov 2005
- Posts
- 15
log analysis tips needed..
I analyse the daily PIX logs using fwanalog. It takes a lot of time but the result is really good and easy to parse. But since I am new to security analysis, I'd need tips for the same. It's been only 2 days since I started using fwanalog. I started off by making a note of the IPs blocked at unknown ports, but now I have streamlined my analysis by looking at the pattern as to the date and time of the block.
Pls submit your tips so that I can be fast at analysing them. I spend 3-4 hrs doing only log analysis when I have more important things to do.
TIA
Punter
- 12-28-2005 #2 Just Joined!
- Join Date
- Dec 2005
- Posts
- 5
Check out Sawmill. It's not free, but creating queries on the fly is easy and fast. We use it for parsing all sorts of logs (web, radius, firewall, maillog, etc).
- 01-04-2006 #3 Just Joined!
- Join Date
- Nov 2005
- Posts
- 15
Any pointers to good articles would be helpful.


