[Dshield] client to submit Zyxel ZyWall 10W logs anyone

Wayne Larmon wlarmon at dshield.org
Sat Oct 25 02:34:55 GMT 2003

> does anyone have a windows client do parse and reformat the logs
> from a Zyxel Zywall 10W firewall ?

I can write a new converter for our "Universal" Windows client if you can
get the router working with Kiwi Syslog Daemon.
http://www.dshield.org/clients/kiwi_setup.php  Which you probably can,
because Kiwi is a Windows replacement for *NIX syslog.

Kiwi reformats the log somewhat, so I need you to get going with Kiwi and
collect some logs, and then send a representative sample to me (as an

Wayne Larmon
wlarmon at dshield.org

> Perl is fine too.
> A typical line in syslog looks like the following:
> Oct 24 20:33:21  Oct 24 18:33:17 gateway
> src="" dst="80.218.79.xxx:135" msg="Firewall default
> policy:
> TCP(set:8)" note="ACCESS BLOCK"

More information about the list mailing list