[Dshield] Offer to create log parsers for Dshield

Kenneth McKinlay kmckinlay at home.com
Mon Aug 6 21:05:48 GMT 2001


I am willing to create custom parsers for converting log files to the 
format used by Dshield. Two of the parsers I have created so far are 
for CheckPoint FW-1 and ipf/ipmon.

If you want a custom parser created for some text log format not 
supported by Dshield, let me know. 

Send me the following information:
	- a good sample of a log (24 hours worth or 200 lines minimum)
	- what each field means on the line(s)
	- and the name of the process/tool that created the log. 

It should take me between 1 hour and 1 week to create the custom 
parser (depending on the complexity and the nightmares at the 
office).



Ken McKinlay, GCIA
Ottawa, Canada




More information about the list mailing list