Firewall Wizards mailing list archives
Re: Reading firewall logs
From: ark () eltex ru
Date: Thu, 27 Apr 2000 14:14:06 +0400
nuqneH,

I do. My firewall is an fwtk derivative, so all the logs are pretty human-readable.

What I have:

a tool that shows me the log with fancy colors, custom filtering and a separate event window, allowing me to find important information real fast. On-demand reports are also there.

an alert subsystem that informs me if something really worthy of notice happens and sends me a message to my GSM phone

a frequentcheck thing that runs from cron and reports unusual activity

daily, weekly and monthly summary reports.

The only damn thing that really annoys me and wastes my time is misconfigured icq clients all over the internet. Unfortunately I can't just kill the stupid beast forever.

Alex Lim <mwlalex () magix com sg> said :
Hi,

I am hoping to hear some enlightening comments on reading firewall logs. I am curious if people are actually doing it or is there some kind of tools that we can buy off the shelf. I dun think it's productive or efficient to ask an employee to spend a few hours reading the logs just to look out for anomalies.

Anyone care to comment?

BTW I am referring to the Checkpoint FW-1 logs.

TIA
Alex Lim
CU in Hell
/Arkan#iD
Do i believe in Bible? Hell,man,i've seen one!
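The cron-run frequency check described in the message above could work along these lines; this is an added example, not the poster's tool. The log line shape (modelled on fwtk netacl output), the thresholds and the `icq` service label are assumptions, and the sample lines are constructed.

```python
import re
from collections import Counter

# Assumed line shape, modelled on fwtk netacl syslog output:
#   <date> <host> netacl[pid]: deny host=<name>/<ip> service=<svc>
DENY_RE = re.compile(
    r"^\w{3}\s+\d+ [\d:]+ \S+ [\w-]+\[\d+\]: "
    r"deny host=[^/\s]+/(?P<ip>[\d.]+) service=(?P<svc>\S+)"
)

def line(day, ip, svc, verb="deny"):
    """Build one constructed sample log line."""
    return f"Apr {day} 03:12:44 fw netacl[412]: {verb} host=unknown/{ip} service={svc}"

# Constructed sample data (documentation addresses, not real traffic).
# "icq" is a made-up service label standing in for known background noise.
BASELINE = [line(26, "192.0.2.7", "ftpd")] * 2 + [line(26, "10.0.0.5", "telnetd", "permit")] * 5
TODAY = (
    [line(27, "192.0.2.7", "ftpd")] * 2
    + [line(27, "198.51.100.9", "telnetd")] * 6
    + [line(27, "203.0.113.4", "icq")] * 9
    + [line(27, "10.0.0.5", "telnetd", "permit")] * 4
    + ["Apr 27 03:13:01 fw netacl[412]: truncated li"]
)

def deny_counts(lines):
    """Count denies per (source IP, service); permits and malformed lines are skipped."""
    counts = Counter()
    for text in lines:
        m = DENY_RE.match(text)
        if m:
            counts[(m["ip"], m["svc"])] += 1
    return counts

def unusual(baseline, today, factor=3, floor=3, ignore=frozenset()):
    """Return (ip, svc, before, now) rows where today's denies reach `floor`
    and exceed `factor` times the baseline, skipping services in `ignore`."""
    rows = []
    for (ip, svc), n in today.items():
        before = baseline.get((ip, svc), 0)
        if svc not in ignore and n >= floor and n > factor * before:
            rows.append((ip, svc, before, n))
    return sorted(rows, key=lambda r: (-r[3], r[0]))

if __name__ == "__main__":
    report = unusual(deny_counts(BASELINE), deny_counts(TODAY), ignore={"icq"})
    for ip, svc, before, n in report:
        print(f"{ip:15} {svc:8} denies: {before} -> {n}")
```

The `ignore` set keeps a known noise source out of the report without dropping it from the counts, so it can still be reviewed in a periodic summary.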