[Dshield] Need a way to automate firewall log extracts
kjs_public at sbcglobal.net
Sun Mar 9 20:07:17 GMT 2003
I sent a sample log file to your email address.
----- Original Message -----
From: "Wayne Larmon" <wlarmon at dshield.org>
To: "General DShield Discussion List" <list at dshield.org>
Sent: Sunday, March 09, 2003 10:38 AM
Subject: RE: [Dshield] Need a way to automate firewall log extracts
| > At 01:48 AM 3/9/2003 -0600, KJS_Public authored the following:
| > >. . . The only problem is that the output is not formatted
| > >same way as the manual export. It is very close though and maybe
| > >could be altered to accept this format or maybe someone could
| > >conversion program for it.
| > >It would make sending in the Norton logs a lot easier.
| I didn't know about that! Can you send me a sample of this log format so I
| can see about adapting CVTWIN to use it?
| > I had the same problem with my NetGear's Syslog.
| Kiwi Syslog Daemon captures syslog.
| I'd need to add a converter to cvtwin, if one doesn't already exist
| would work with it.
| > Work it backwards. Start
| > with a copy of blat which is a public domain command line
| > mailer. You can
| > get a copy at www.blat.net.
| > Using Blat, you can schedule a send every hour and you create a
| > message in
| > blat from a text file.
| If you want to roll your own, CVTWIN includes a DOS version of
| which is a command line version of the sndmail.dll that CVTWIN uses
| > To create that text file you need to parse the output from the
| > is simpler than it sounds using some elementary VB Script. MS's
| > reference is here:
| > you need any help, let me know.
| The source code for CVTWIN is available at
| http://www.dshield.org/clients/cvtwin-source.zip It uses MS Visual
| Wayne Larmon