Back to your phpLogCon instanceI am trying to parse a message from our firewall, my goal is be able to log the amount of ingoing/outgoing traffic depending on type/port. However, all the information I'm interested in is inside the Message body looking like this:
id=firewall time="2004-10-04 11:23:32" fw=10.68.12.79 pri=6 rule=ACCEPT proto=netbios-ns duration=2 sent=312 rcvd=0 src=10.68.12.15 dst=10.68.15.255 sessionid=5987 subid=0 status=OPEN srcport=137 dstport=137 logcateg=1
time, rule, proto, srcport,dstport are the variables I'd like to extract. In the next step I'd create a script that counts the different protocol types, but first I ofcourse need these variables extracted from the message body. Can I do this?
Parsing the message?
Moderator: alorbach
2 posts • Page 1 of 1
by wrehman » Mon Oct 04, 2004 1:03 pm
Hello,
MonitorWare Console is our analytical tool that provides about 8 or 9 different pix reports. Some of them are the same as what you are looking for. Here is the link to the PIX reports page of MonitorWare Console. If you like them, you can download the trial version of MonitorWare Console. Here is the link to the
pix reporting page
and here is the link to download current 2.1 beta version of MonitorWare Console.
http://www.adiscon.org/download/mwcon2.1b.exe
I hope this will help
Best Regards
Wajih
Adiscon
MonitorWare Console is our analytical tool that provides about 8 or 9 different pix reports. Some of them are the same as what you are looking for. Here is the link to the PIX reports page of MonitorWare Console. If you like them, you can download the trial version of MonitorWare Console. Here is the link to the
pix reporting page
and here is the link to download current 2.1 beta version of MonitorWare Console.
http://www.adiscon.org/download/mwcon2.1b.exe
I hope this will help
Best Regards
Wajih
Adiscon
-
wrehman - Adiscon Support
- Posts: 75
- Joined: Tue Mar 18, 2003 9:30 am
Google Ads
2 posts • Page 1 of 1
Who is online
Users browsing this forum: No registered users and 0 guests
