I managed to make ready the BASE-based iptables log analysis package. This is loosely based on Anthony Shearer's document on firewall analysis using ACID.
It uses a Perl script (logsnorter) to regularly check iptables.log and then insert data into a MySQL database. There is also a daemon that can be used to start/stop that script. The database structure is based on Snort's structure, with its own additions that are needed for BASE.
Some PEAR modules are needed for PHP for full operation. I did not make separate packages for them - they are just installed by using PEAR's own installer. I hope this is OK with Arch packaging rules.