[Dshield] Cisco logfile client?

Jost Krieger Jost.Krieger+dshield at ruhr-uni-bochum.de
Fri May 11 12:01:36 GMT 2001


Has anyone something for reformatting the following into dshield reports?

May 11 09:27:44 cisco-c.rz.ruhr-uni-bochum.de 1410875: May 11 09:27:43: %SEC-6-IPACCESSLOGP: list from-internet denied tcp 213.46.75.210(1459) -> 134.147.252.246(21), 1 packet
May 11 09:27:50 cisco-c.rz.ruhr-uni-bochum.de 1410880: May 11 09:27:50: %SEC-6-IPACCESSLOGP: list from-internet denied tcp 213.46.75.210(1673) -> 134.147.253.206(21), 1 packet
May 11 09:27:54 cisco-c.rz.ruhr-uni-bochum.de 1410883: May 11 09:27:53: %SEC-6-IPACCESSLOGP: list from-internet denied tcp 213.46.75.210(1750) -> 134.147.254.29(21), 1 packet
May 11 09:27:57 cisco-c.rz.ruhr-uni-bochum.de 1410885: May 11 09:27:56: %SEC-6-IPACCESSLOGP: list from-internet denied tcp 213.46.75.210(1722) -> 134.147.254.1(21), 1 packet
May 11 09:27:58 cisco-c.rz.ruhr-uni-bochum.de 1410886: May 11 09:27:57: %SEC-6-IPACCESSLOGP: list from-internet denied tcp 213.46.75.210(1930) -> 134.147.254.209(21), 1 packet
May 11 09:28:01 cisco-c.rz.ruhr-uni-bochum.de 1410888: May 11 09:28:00: %SEC-6-IPACCESSLOGP: list from-internet denied tcp 213.46.75.210(1976) -> 134.147.255.1(21), 1 packet
May 11 09:28:05 cisco-c.rz.ruhr-uni-bochum.de 1410891: May 11 09:28:04: %SEC-6-IPACCESSLOGP: list from-internet denied tcp 213.46.75.210(2167) -> 134.147.255.192(21), 1 packet

Else I'll give it a try.

Jost
-- 
| Jost.Krieger at ruhr-uni-bochum.de      Please help stamp out spam! |
| Postmaster, JAPH, resident answer machine          am RZ der RUB |
| Pluralitas non est ponenda sine necessitate                      |
|                                 William of Ockham (1285-1347/49) |




More information about the list mailing list