[Dshield] client to submit Zyxel ZyWall 10W logs anyone

Wayne Larmon wlarmon at dshield.org
Sat Oct 25 02:34:55 GMT 2003


> Does anyone have a Windows client to parse and reformat the logs
> from a Zyxel ZyWall 10W firewall?

I can write a new converter for our "Universal" Windows client if you can
get the router working with Kiwi Syslog Daemon
(http://www.dshield.org/clients/kiwi_setup.php), which you probably can,
because Kiwi is a Windows replacement for *NIX syslog.

Kiwi reformats the log somewhat, so I need you to get going with Kiwi and
collect some logs, and then send a representative sample to me (as an
attachment).

Wayne Larmon
DShield.org
wlarmon at dshield.org

> Perl is fine too.
>
> A typical line in syslog looks like the following:
>
> Oct 24 20:33:21 192.168.1.1  Oct 24 18:33:17 gateway
> src="80.218.56.147:3543" dst="80.218.79.xxx:135" msg="Firewall default
> policy:
> TCP(set:8)" note="ACCESS BLOCK"
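
An added example, not part of the original message and not DShield's converter: a parser for the sample line quoted above that splits addresses from ports, pulls the protocol out of `msg`, and flags addresses that are not valid IPv4 (such as the masked `xxx` octet). The function names are hypothetical, and it assumes the first timestamp and address come from the receiving syslog host and the second timestamp and hostname from the firewall itself.

```python
import ipaddress
import re
from datetime import datetime

# Constructed input: the sample line quoted in the post, e-mail wrapping undone.
SAMPLE = ('Oct 24 20:33:21 192.168.1.1  Oct 24 18:33:17 gateway '
          'src="80.218.56.147:3543" dst="80.218.79.xxx:135" '
          'msg="Firewall default policy: TCP(set:8)" note="ACCESS BLOCK"')

STAMP = r'\w{3} \d{1,2} \d\d:\d\d:\d\d'
HEADER = re.compile(rf'^(?P<received>{STAMP}) (?P<relay>\S+) '
                    rf'(?P<logged>{STAMP}) (?P<host>\S+) (?P<body>.+)$')
PAIR = re.compile(r'(\w+)="([^"]*)"')
PROTO = re.compile(r'\b(TCP|UDP|ICMP)\b')

def endpoint(value):
    """Split 'ip:port' into (ip, port, ip_is_valid); port is None if absent."""
    ip, sep, port = value.rpartition(':')
    if not (sep and port.isdigit()):
        ip, port = value, None
    try:
        ipaddress.IPv4Address(ip)
        valid = True
    except ValueError:
        valid = False  # e.g. an octet masked as "xxx", as in the sample
    return ip, (int(port) if port is not None else None), valid

def parse_line(line, year=2003):
    """Return a dict of fields, or None if the line does not fit the layout.
    Assumption: the stamps carry no year, so the caller supplies one."""
    m = HEADER.match(' '.join(line.split()))  # undo wrapping and double spaces
    if not m:
        return None
    kv = dict(PAIR.findall(m['body']))
    if 'src' not in kv or 'dst' not in kv:
        return None
    try:
        received, logged = (datetime.strptime(f"{year} {m[k]}", '%Y %b %d %H:%M:%S')
                            for k in ('received', 'logged'))
    except ValueError:
        return None
    (src_ip, src_port, src_ok), (dst_ip, dst_port, dst_ok) = map(
        endpoint, (kv['src'], kv['dst']))
    proto = PROTO.search(kv.get('msg', ''))
    return {'logged': logged, 'skew_s': int((received - logged).total_seconds()),
            'src_ip': src_ip, 'src_port': src_port,
            'dst_ip': dst_ip, 'dst_port': dst_port,
            'proto': proto.group(1) if proto else None,
            'action': kv.get('note'), 'addrs_valid': src_ok and dst_ok}
```

On the sample, `skew_s` comes out at 7204 seconds: the two timestamps on the line disagree by about two hours, so a converter has to choose which clock it reports.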



