Wflogs 0.9.8
Wflogs 0.9.8 Ranking & Summary
File size: 0.73 MB
Platform: Any Platform
License: GPL (GNU General Public License)
Price:
Downloads: 993
Date added: 2007-02-14
Publisher: Hervé Eychenne
Wflogs 0.9.8 description
Wflogs is a firewall log analysis tool. It can be used to produce a log summary report in plain text, HTML and XML, or to monitor firewalling logs in real-time.
This project is part of the WallFire project, but can be used independently.
Usage examples:
wflogs -i netfilter -o html netfilter.log > logs.html
converts the given netfilter log file into an HTML report.
wflogs --sort=protocol,-time -i netfilter -o text netfilter.log > logs.txt
converts the given netfilter log file into a sorted (by protocol number, then reverse time) text report.
wflogs -f '$start_time >= [this 3 days ago] && $start_time < [this 2 days ago] && $chainlabel =~ /(DROP|REJECT)/ && $sipaddr == 10.0.0.0/8 && $protocol == tcp && ($dport == ssh || $dport == telnet) && ($tcpflags & SYN)' -i netfilter -o text --summary=no
shows log entries (without summary) which match the given expression (refused connection attempts that occurred 3 days ago to ssh and telnet ports coming from internal network 10.0.0.0/8). The expression is single-quoted so that the shell passes it to wflogs unchanged.
wflogs -i netfilter -o text --resolve=0 --whois=0 netfilter.log
converts the given netfilter log file into a text report (default mode), disabling IP address reverse lookups and whois lookups.
wflogs -i netfilter -o xml netfilter.log > logs.xml
exports netfilter logs in XML.
wflogs -i ipchains -o netfilter ipchains.log > netfilter.log
converts ipchains logs into netfilter log format, so you may process them with your favorite netfilter log analyser, for example (even if the latter may not be better than wflogs itself).
wflogs -i ipfilter -o human --datalen=yes ipfilter.log
produces a report about the ipfilter logfile in natural language on stdout, displaying packet length (datalen option), which is not shown by default.
wflogs -R -I
monitors logs in real-time in an interactive shell, waiting for logs in the default system logfile, in guessed format (according to the local firewalling tool).
Supported systems
WallFire is intended to work on real systems such as Unix, especially Linux and *BSD.
Current wflogs input modules are:
- netfilter (Linux 2.4 and 2.6 firewall logs)
- ipchains (Linux 2.2 firewall logs)
- ipfilter (NetBSD, FreeBSD, OpenBSD, Solaris, SunOS 4, IRIX and HP-UX running ipfilter firewall logs)
- cisco_pix (Cisco PIX filter logs)
- cisco_ios (Cisco IOS filter logs)
- snort (Snort ACLs logs)
Please note that input modules are available on any architecture on which wflogs can run (for example, you can perfectly parse Cisco PIX logs on a Linux box).
Enhancements:
- Improved matching of netfilter and ipfilter input modules.
- Added support for Cisco FWSM (PIX).
- Improved netfilter parsing.
- Compilation fixes for *BSD.
- Added wflogs.dtd.
- Added wfchkintegrity tool, which makes it possible to monitor changes in the firewalling configuration.
- Fixed buffer sizes for some input modules.
- Fixed parsing with recent flex versions.