New Parsers

Posted: Wed Aug 31, 2016 7:49 am
by jckruger
Hi,

I'm new to this but I am very interested in the loganalyser but I am having trouble with parsing pfsense logs. Has anyone made a class for them? I have looked at the plugins but can't figure out what to put in the php file. The reg expressions look massively complicated. I'd like some help please.

Some of the events are different.

Here are some examples.
Aug 31 06:36:48 gatew.jk filterlog: 87,16777216,,1432697264,re1,match,pass,in,4,0x0,,51,14671,0,DF,6,tcp,60,141.212.122.16,192.168.10.200,25124,443,0,S,3233940288,,29200,,mss;sackOK;TS;nop;wscale


Aug 31 06:39:46 gatew.jk filterlog: 86,16777216,,1423190105,re1,match,pass,in,4,0x0,,237,27604,0,none,6,tcp,40,94.103.150.195,192.168.10.200,41559,80,0,S,764079575,,1024,,


Aug 31 06:50:01 gatew.jk filterlog: 87,16777216,,1432697264,re1,match,pass,in,4,0x8,,54,39632,0,DF,6,tcp,64,1.129.96.219,192.168.10.200,10230,443,0,S,3638924975,,65535,,mss;nop;wscale;nop;nop;TS;sackOK;eol


Aug 31 06:50:27 gatew.jk filterlog: 133,16777216,,1423190127,re2,match,pass,in,4,0x0,,64,2654,0,DF,6,tcp,60,192.168.10.200,203.170.87.133,40758,110,0,S,2822726363,,29200,,mss;sackOK;TS;nop;wscale


Regards
Justin
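
An added example, not part of the original post and not LogAnalyzer plugin code: the sample lines above are a syslog header followed by comma-separated values, so one short regular expression plus a CSV split is enough to parse them. The function name and field names are this example's own labels, it covers only the IPv4/TCP layout seen in the samples, and it is not wired into LogAnalyzer's parser interface.

```php
<?php
// Field names are this example's own labels for the IPv4/TCP column
// order of a pfSense filterlog line (29 columns in the samples above).
const FILTERLOG_TCP4_FIELDS = [
    'rule', 'subrule', 'anchor', 'tracker', 'interface', 'reason', 'action',
    'direction', 'ip_version', 'tos', 'ecn', 'ttl', 'ip_id', 'frag_offset',
    'ip_flags', 'proto_id', 'proto', 'ip_length', 'src_ip', 'dst_ip',
    'src_port', 'dst_port', 'data_length', 'tcp_flags', 'seq', 'ack',
    'window', 'urg', 'tcp_options',
];

function parse_filterlog_tcp4(string $line): ?array
{
    // One small regex for the syslog header (optional [pid] after the tag);
    // the payload after "filterlog:" is plain CSV.
    $re = '/^(\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (\S+) filterlog(?:\[\d+\])?: (.*)$/';
    if (!preg_match($re, rtrim($line), $m)) {
        return null;                       // not a filterlog line
    }
    $cols = explode(',', $m[3]);
    // Column 8 is the IP version, column 16 the protocol name. Other
    // combinations (IPv6, UDP, ICMP) use different layouts: skip them.
    if (count($cols) !== count(FILTERLOG_TCP4_FIELDS)
        || $cols[8] !== '4' || $cols[16] !== 'tcp') {
        return null;
    }
    $event = array_combine(FILTERLOG_TCP4_FIELDS, $cols);
    // Log content is untrusted input: validate before storing or displaying.
    foreach (['src_ip', 'dst_ip'] as $k) {
        if (filter_var($event[$k], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false) {
            return null;
        }
    }
    foreach (['src_port', 'dst_port'] as $k) {
        if (!ctype_digit($event[$k]) || (int) $event[$k] > 65535) {
            return null;
        }
        $event[$k] = (int) $event[$k];
    }
    $opts = $event['tcp_options'];
    $event['tcp_options'] = $opts === '' ? [] : explode(';', $opts);
    return ['timestamp' => $m[1], 'host' => $m[2]] + $event;
}

// Two of the sample lines from the post above.
$samples = [
    'Aug 31 06:36:48 gatew.jk filterlog: 87,16777216,,1432697264,re1,match,pass,in,4,0x0,,51,14671,0,DF,6,tcp,60,141.212.122.16,192.168.10.200,25124,443,0,S,3233940288,,29200,,mss;sackOK;TS;nop;wscale',
    'Aug 31 06:39:46 gatew.jk filterlog: 86,16777216,,1423190105,re1,match,pass,in,4,0x0,,237,27604,0,none,6,tcp,40,94.103.150.195,192.168.10.200,41559,80,0,S,764079575,,1024,,',
];
foreach ($samples as $s) {
    var_dump(parse_filterlog_tcp4($s));
}
```

Lines that are not IPv4/TCP, or that fail the address and port checks, return `null` rather than a partially filled record.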