[Dshield] IPNetSentry v1.3.1
Johannes B. Ullrich
jullrich at euclidian.com
Fri Nov 23 12:59:43 GMT 2001
We don't have any kind of Mac client at this time, which is a pity, so
feel free to chip in with one. I don't have a Mac, so I can't easily write
The basic formats and such are explained at
It looks like a simple 'resorting' of the fields in your log will do.
Fields not provided by the log should be replaced with '???'.
On Thu, 22 Nov 2001, Jim Vermillion wrote:
> Hi all....
> I'm brand new here, Mac user, IPNetSentry v 1.3.1 is my dialup
> security. I'd contribute log files, but don't see a ready made
> parser for them on the site.
> Is there one, or an alternate, or.... do I have to learn a bit more
> than I was planning right now?
> Here is one log entry for illumination:
> 11/22/01 20:48:39 Trigger IP Addr: 220.127.116.11 TCP Port: 80 Svc:
> http 0 secs
> Guidance in formatting / parsing this log entry example ?
jullrich at sans.org Join http://www.DShield.org
Distributed Intrusion Detection System
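The field re-sorting suggested in the reply above, as an added example that is not part of the original message and is not DShield's own code. The output column order, the MM/DD/YY reading of the date, and the names `unwrap`, `to_record` and `OUT_FIELDS` are assumptions made for illustration; the input pattern is derived only from the one sample entry quoted in the thread.

```python
import re
from datetime import datetime

MISSING = "???"  # placeholder the reply prescribes for fields the log lacks

# Assumed output column order (hypothetical; the real layout is not on this page).
OUT_FIELDS = ("date", "time", "timezone", "author", "count", "src_ip",
              "src_port", "dst_ip", "dst_port", "protocol", "flags")

# Pattern derived only from the one sample entry quoted in the thread.
ENTRY = re.compile(
    r"^(?P<date>\d{2}/\d{2}/\d{2}) (?P<time>\d{2}:\d{2}:\d{2}) "
    r"Trigger IP Addr: (?P<src_ip>\d{1,3}(?:\.\d{1,3}){3}) "
    r"(?P<protocol>[A-Za-z]{1,8}) Port: (?P<dst_port>\d{1,5})\b")

def unwrap(lines):
    """Re-join entries that mail wrapping split; an entry starts with a date."""
    entry = None
    for line in (l.strip() for l in lines):
        if re.match(r"\d{2}/\d{2}/\d{2} ", line):
            if entry:
                yield entry
            entry = line
        elif entry and line:
            entry += " " + line
    if entry:
        yield entry

def to_record(entry):
    """Return one tab-separated record, or None if the entry does not validate."""
    m = ENTRY.match(entry)
    if not m:
        return None
    f = m.groupdict()
    try:  # sample date is taken to be MM/DD/YY (assumption)
        ts = datetime.strptime(f["date"] + " " + f["time"], "%m/%d/%y %H:%M:%S")
    except ValueError:
        return None
    if any(int(o) > 255 for o in f["src_ip"].split(".")) or int(f["dst_port"]) > 65535:
        return None
    f.update(date=ts.strftime("%Y-%m-%d"), time=ts.strftime("%H:%M:%S"),
             protocol=f["protocol"].upper())
    # Only regex-validated values are emitted; everything else becomes '???'.
    return "\t".join(f.get(name, MISSING) for name in OUT_FIELDS)

SAMPLE = ["11/22/01 20:48:39 Trigger IP Addr: 220.127.116.11 TCP Port: 80 Svc:",
          "http 0 secs"]  # the entry from the thread, wrapped as mailed

if __name__ == "__main__":
    for e in unwrap(SAMPLE):
        print(to_record(e))
```

Entries that fail the pattern or the range checks return `None` instead of being forwarded, so malformed or tab-bearing text never reaches the submitted record.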