You are not logged in.

#1 2005-07-27 15:56:09

Registered: 2005-02-01
Posts: 311

web-based firewall log analysis package released

I managed to make ready the BASE - based iptables log analysis package. This is loosely based on Anthony Shearer's document on firewall analysis using ACID.

It uses a perl script (logsnorter) to regularly check iptables.log and then insert data to mysql database. There is also a daemon that can be used to start/stop that script. The database structure is based on Snort's structure with own additions that are needed for BASE.

Some pear modules are needed for php in order for a full operation. I did not make separate packages for them - they are just installed by using pear's own installer. I hope this is ok with Arch packaging rules.


Board footer

Powered by FluxBB