[Dshield] Need a way to automate firewall log extracts
wlarmon at dshield.org
Sun Mar 9 16:38:32 GMT 2003
> At 01:48 AM 3/9/2003 -0600, KJS_Public authored the following:
> >. . . The only problem is that the output is not formatted exactly the
> >same way as the manual export. It is very close though and maybe cvtwin
> >could be altered to accept this format or maybe someone could write a
> >conversion program for it.
> >It would make sending in the Norton logs a lot easier.
I didn't know about that! Can you send me a sample of this log format so I
can see about adapting CVTWIN to use it?
> I had the same problem with my NetGear's Syslog.
Kiwi Syslog Daemon captures syslog.
I'd need to add a converter to cvtwin, if one doesn't already exist that
would work with it.
> Work it backwards. Start with a copy of blat which is a public domain
> command line mailer. You can get a copy at www.blat.net.
> Using Blat, you can schedule a send every hour and you create a message in
> blat from a text file.
If you want to roll your own, CVTWIN includes a DOS version of SNDMAIL.EXE,
which is a command line version of the sndmail.dll that CVTWIN uses to send
> To create that text file you need to parse the output from the logs. This
> is simpler than it sounds using some elementary VB Script. MS's script
> reference is here:
> you need any help, let me know.
The source code for CVTWIN is available at
http://www.dshield.org/clients/cvtwin-source.zip It uses MS Visual BASIC