Thanks to everyone who responded. Disclaimer: I have yet to try them out. Most people pointed at fwsum, hosted at http://fwlogsum.sourceforge.net/ and *another* fwlogsum hosted at http://www.ginini.com.au/software/fwlogsum/
Another couple of tools are available at www.phoneboy.com, namely in this context (I believe) fw1repo.zip, fwlogsum2.zip (possibly the same as one the previous ?), fwscript. A simple reported based on access is available at http://www.enteract.com/~lspitz/logger.html There seems to be a Reporting Module from checkpoint itslef (commercial), see http://www.checkpoint.com/products/management/reportingmodule.html Several commercial third-party products are webtrends/netiq, www.webtrends.com, www.netiq.com webspy analyzer www.webspy.com sawmill www.flowerfire.com/sawmill Heiko -- -- PREVINET S.p.A. [EMAIL PROTECTED] -- Via Ferretto, 1 ph x39-041-5907073 -- I-31021 Mogliano V.to (TV) fax x39-041-5907087 -- ITALY > -----Original Message----- > From: Herold Heiko [mailto:[EMAIL PROTECTED]] > Sent: Monday, February 18, 2002 10:43 AM > To: Security-Basics List (E-mail) > Subject: Fw-1 logfile analyzer ? > > > Is there any decent logfile analyzer for fw-1 out there ? > I can't go the commercial path like websense ecc (PHB problem), and > looking at them with eyeball and memory really won't do any good :( > > C, perl, if neccessary (because I don't know it yet) even > python or over > dialects will be gladly accepted, I'll can do the analysis part on > linux, solaris, openbsd or windows, whatever is neccessary. > The firewall itself is 4.1 on nokia hardware. > > Thanks > Heiko > > > Heiko > > -- > -- PREVINET S.p.A. [EMAIL PROTECTED] > -- Via Ferretto, 1 ph x39-041-5907073 > -- I-31021 Mogliano V.to (TV) fax x39-041-5907087 > -- ITALY >
