Linux Software / Network & Internet / Server Tools / Log Analyzers

Wflogs 0.9.8

Date Added: September 01, 2010 | Visits: 1.793

Report Broken Link
Printer Friendly Version

Product Homepage
Download (128 downloads)

Wflogs is a firewall log analysis tool. It can be used to produce a log summary report in plain text, HTML and XML, or to monitor firewalling logs in real-time. This project is part of the WallFire project, but can be used independently. Usage examples: wflogs -i netfilter -o html netfilter.log > logs.html converts the given netfilter log file into a HTML report. wflogs --sort=protocol,-time -i netfilter -o text netfilter.log > logs.txt converts the given netfilter log file into a sorted (by protocol number, then reverse time) text report. wflogs -f $start_time >= [this 3 days ago] && $start_time < [this 2 days ago] && $chainlabel =~ /(DROP|REJECT)/ && $sipaddr == 10.0.0.0/8 && $protocol == tcp && ($dport == ssh || $dport == telnet) && ($tcpflags & SYN) -i netfilter -o text --summary=no shows log entries (without summary) which match the given expression (refused connection attempts that occured 3 days ago to ssh and telnet ports coming from internal network 10.0.0.0/8). wflogs -i netfilter -o text --resolve=0 --whois=0 netfilter.log converts the given netfilter log file into a text report (default mode), disabling IP address reverse lookups and whois lookups. wflogs -i netfilter -o xml netfilter.log > logs.xml exports netfilter logs in XML. wflogs -i ipchains -o netfilter ipchains.log > netfilter.log converts ipchains logs into netfilter log format. So you may process them with your favorite netfilter log analyser, for example (even if the latter may not be better than wflogs itself. wflogs -i ipfilter -o human --datalen=yes ipfilter.log produces a report about ipfilter logfile in natural language on stdout, displaying packet length (datalen option) which is not showed by default. wflogs -R -I monitors logs in real-time in an interactive shell, waiting for logs in the default system logfile, in guessed format (according to the local firewalling tool). Supported systems WallFire is intended to work on real systems such as Unix, especially Linux and *BSD. Current wflogs input modules are: - netfilter (Linux 2.4 and 2.6 firewall logs) - ipchains (Linux 2.2 firewall logs) - ipfilter (NetBSD, FreeBSD, OpenBSD, Solaris, SunOS 4, IRIX and HP-UX running ipfilter firewall logs). - cisco_pix (Cisco PIX filter logs) - cisco_ios (Cisco IOS filter logs) - snort (Snort ACLs logs) Please note that input modules are available on any architecture on which wflogs can run (for example, you can perfectly parse Cisco PIX logs on a Linux box). Whats New in This Release: - Improved matching of netfilter and ipfilter input modules. - Added support for Cisco FWSM (PIX). - Improved netfilter parsing. - Compilation fixes for *BSD. - Added wflogs.dtd. - Added wfchkintegrity tool, which enables to monitor changes in the firewalling configuration. - Fixed buffer sizes for some input modules. - Fixed parsing with recent flex versions.. the firewall log analyzer of the WallFire project

Requirements: No special requirements

Platforms: Linux

Keyword: -o, Firewall, Firewall Log Analysis, Internet, Log, Log Analysis, Log Analyzers, Logs, Netfilter, Pix, Wflogs

Users rating: 0/10

License: Freeware

Size: 747.52 KB

USER REVIEWS

More Reviews or Write Review

WFLOGS RELATED

Security Tools - Web-based Firewall Log Analyzer 0.94 Flexible web-based firewall log analyzer, supporting netfilter and ipfilter, ipfw, ipchains and Windows XP system logs, and mysql or postgresql ulogd database logs using the iptables ULOG target of netfilter.For Linux, FreeBSD, OpenBSD, Solaris,...	281.38 KB
Log Analyzers - Webfwlog 0.93 Webfwlog is a flexible web-based firewall log analyzer and reporting tool. Webfwlog supports standard system logs for linux, FreeBSD, NetBSD, Solaris, Irix, OpenBSD, OS X, etc. as well as Windows XP. Supported log file formats are netfilter,...	143.36 KB
Networking Tools - Nulog 1.2.14 Nulog is a firewall log analysis interface written in php. Netfilter is able to log selected packets directly in a database like MySQL or PostgreSQL. Nulog uses this interface to display security events in real-time on a user-friendly interface..	62.46 KB
Network & Internet - pfl 1.0 PFL can either operate as a stand-alone firewall log parser or set up to run and configure ipfw. The major focus is parsing, compressing, and filtering *NIX (to include Mac OSX) firewall logs generated by IPFW for quick and easy admin review.	29.41 KB
Networking Tools - fwknop 1.8.1 fwknop stands for the "FireWall KNock OPerator", and implements an authorization scheme based around Netfilter and libpcap that requires only a single encrypted packet in order to communicate various pieces of information including desired access...	450.56 KB
Security Tools - Apache Analyzer 0.5.2 Apache Analyzer is a Java application package for parsing and analysis of Apache logs. Reports are prepared as PDF files. OCEAN GenRap is used to analyze the data. Check out General Info in Docs page.	42.55 KB
Multimedia & Graphics - Le Petit Poucet gps software 0.2.0 Preparation of GPS routes and analysis of GPS logs in the context of outdoor sports (biking, skiing, trecking, gliding, geocaching, mountaineering). Our hope is to have a multi platform, multi GPS file and map format software.	6.18 MB
Networking Tools - ip-masq-log 1.0.2 This patch can be used on a masquerading firewall (NAT) to keep a log of all the outgoing masqueraded TCP connections. Its even possible to log the name of the user who has opened the connection. This can be a useful security tool for many small...	10.24 KB
Log Analyzers - adcfw-log 0.10.0 adcfw-log is a tool for analyzing firewall logs in order to extract meaningful information. It is designed to be a standalone script with very few requirements that can generate different kinds of reports, such as fully formatted reports of what...	83.97 KB
Networking Tools - IPTables log analizer 0.4 IPTables log analizer displays Linux 2.4 iptables logs (rejected, acepted, masqueraded packets...) in a nice HTML page (it support rough netfilter logs but also Shorewall and Suse Firewall logs). This page shall be easy to read and understand to...	307.2 KB

NEW DOWNLOADS IN SERVER TOOLS, LOG ANALYZERS

Server Tools - GAdmin-OpenVPN-Server 0.1.6 GAdmin-OpenVPN-Server is an easy to use GTK+ client for the OpenVPN server in Bridge mode. A GUI for OpenVPN Multi-Client Server bridge. It can generate and use a total of 5 signed certificates and keys including...	245.76 KB
Server Tools - Dual DHCP DNS Server 6.84 DHCP Server alots the IP addresses to computers, while DNS server resolves them. You need DHCP Server if you do not want to manually maintain IP Addresses or you have less IP Addresses than number of machines you have, as dynamic DHCP...	655.36 KB
Server Tools - Localhost Indicator 0.0.1 Localhost Indicator is a simple and highly Ubuntu 10.04 integrated localhost web server indicator of Apache2 status, which takes advantages of the indicator-applet.	20.48 KB
Server Tools - Open DHCP Server 1.45 DHCP Server Open Source Freeware. MultiSubnet DHCP Server supports Dynamic, Static Leases, Relay Agents, BOOTP, PXEBOOT, Options can be Global, Range Specific and Client Specific. Supports filtering of ranges on Mac Address, Vendor and User Class.	30.72 KB
Server Tools - GAdmin-HTTPD 0.1.5 GAdminHTTPD project is an easy to use gtk+ user interface for the Apache HTTPD webserver. Featuring: Default server and multi-vhosting management. User management. Module management. Configuration imports and creations, manual editing,...	481.28 KB
Log Analyzers - LMF 0.5 LMF project is a flexible log monitoring framework that allows the user to match text from log files, using perl regular expressions and capturing parentheses (pattern). An optional external command (trigger) will be executed when a...	16.38 KB
Log Analyzers - Xlogmaster 1.6.1 The Xlogmaster allows comfortable and fast control of the complete system status by offering an easy and comfortable way to process logfiles, status-giving devices or running programs to get a certain information. All output can be translated in...	686.08 KB
Log Analyzers - pmacct 0.11.4 pmacct is a small set of passive network monitoring tools to measure, account and aggregate IPv4 and IPv6 traffic; aggregation revolves around the key concept of primitives (VLAN id, source and destination MAC addresses, hosts, networks, AS...	296.96 KB
Log Analyzers - BruteBlock 0.0.5 BruteBlock project allows system administrators to block various bruteforce attacks on UNIX services. The program analyzes system logs and adds attackers IP address into ipfw2 table effectively blocking them. Addresses are automatically removed...	23.55 KB
Log Analyzers - MySQA 1.0.2 MySQA program is a useful program to analyze log files created by MySQL slow queries or queries that dont use indexes. About MySQL: MySQL is a multithreaded, multi-user, SQL (Structured Query Language) Database Management System (DBMS) with an...	133.12 KB

Windows Software	BeOS Software
Macintosh Software	Linux Software
PDA Software	OS/2 Software
Mobile Software	Scripts