Easy to use iptables log analyzer
For example, I have the following 3 records in an iptables log file (.log).
Mar 9 17:05:22 xxx-ThinkPad kernel: [ 9554.663838] A-Prefix-NAME: IN=br0 OUT=br0 PHYSIN=enx00051ba2d1e4 PHYSOUT=enp0s25 MAC=00:c0:3a:17:10:33:00:14:4f:56:85:91:08:00 SRC=192.168.1.1 DST=192.168.1.2 LEN=50 TOS=0x00 PREC=0x00 TTL=64 ID=40273 DF PROTO=TCP SPT=50467 DPT=4031 WINDOW=49640 RES=0x00 ACK PSH URGP=0
Mar 9 17:06:44 xxx-ThinkPad kernel: [ 9636.123851] A-Prefix-NAME: IN=br0 OUT=br0 PHYSIN=enx00051ba2d1e4 PHYSOUT=enp0s25 MAC=00:c0:3a:17:10:33:00:14:4f:56:85:91:08:00 SRC=192.168.1.1 DST=192.168.1.2 LEN=50 TOS=0x00 PREC=0x00 TTL=64 ID=40273 DF PROTO=TCP SPT=50467 DPT=4031 WINDOW=49640 RES=0x00 ACK PSH URGP=0
Mar 9 17:10:22 xxx-ThinkPad kernel: [ 9854.121740] A-Prefix-NAME: IN=br0 OUT=br0 PHYSIN=enx00051ba2d1e4 PHYSOUT=enp0s25 MAC=00:c0:3a:17:10:33:00:14:4f:56:85:91:08:00 SRC=192.168.1.1 DST=192.168.1.2 LEN=50 TOS=0x00 PREC=0x00 TTL=64 ID=40273 DF PROTO=TCP SPT=50467 DPT=4031 WINDOW=49640 RES=0x00 ACK PSH URGP=0
I want an iptables analyzer that loads this .log file, automatically analyzes each record line by line, and generates output using user-defined parameters.
For example:
Time | Source | Destination | Content of prefix
xxxx | xxxxxx | xxxxxxxxxx | A-Prefix-Name
...... (summary of each record)
How can I achieve this? I can Google several existing log analyzers, but I find many of them need e.g. MySQL, additional packages, an HTML page, etc. I prefer to try an easy-to-use and straightforward tool first.
ubuntu iptables logs rsyslog
asked Mar 14 at 13:09
Li Dong
1084
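An added example, not code from the question or from any existing tool, of the line-by-line analysis asked for above: a small Python script that parses syslog-style iptables LOG records (the text between the kernel uptime and `IN=` is taken to be the `--log-prefix` string, which is an assumption) and prints whichever columns the user lists. The sample lines are constructed after the ones in the question, with one unrelated kernel message added to show that non-iptables lines are skipped.

```python
import re, sys

# Constructed sample in the question's format: two iptables LOG records and one
# unrelated kernel message that the parser must skip.
SAMPLE_LOG = """\
Mar 9 17:05:22 xxx-ThinkPad kernel: [ 9554.663838] A-Prefix-NAME: IN=br0 OUT=br0 PHYSIN=enx00051ba2d1e4 PHYSOUT=enp0s25 MAC=00:c0:3a:17:10:33:00:14:4f:56:85:91:08:00 SRC=192.168.1.1 DST=192.168.1.2 LEN=50 TOS=0x00 PREC=0x00 TTL=64 ID=40273 DF PROTO=TCP SPT=50467 DPT=4031 WINDOW=49640 RES=0x00 ACK PSH URGP=0
Mar 9 17:06:44 xxx-ThinkPad kernel: [ 9636.123851] A-Prefix-NAME: IN=br0 OUT=br0 PHYSIN=enx00051ba2d1e4 PHYSOUT=enp0s25 MAC=00:c0:3a:17:10:33:00:14:4f:56:85:91:08:00 SRC=192.168.1.1 DST=192.168.1.2 LEN=50 TOS=0x00 PREC=0x00 TTL=64 ID=40273 DF PROTO=TCP SPT=50467 DPT=4031 WINDOW=49640 RES=0x00 ACK PSH URGP=0
Mar 9 17:07:01 xxx-ThinkPad kernel: [ 9653.000000] usb 1-1: new USB device found
"""

# syslog timestamp, host, "kernel:", uptime, optional --log-prefix text (assumed
# to be everything before IN=), then the key=value fields
LINE_RE = re.compile(
    r"^(?P<time>[A-Z][a-z]{2}\s+\d{1,2}\s+\d{2}:\d{2}:\d{2})\s+(?P<host>\S+)\s+kernel:"
    r"\s+\[\s*[\d.]+\]\s*(?P<prefix>.*?)\s*(?P<fields>IN=.*)$"
)

def parse_line(line):
    """Return a dict for one iptables LOG record, or None for any other line."""
    m = LINE_RE.match(line)
    if m is None:
        return None
    rec = {"time": m.group("time"), "host": m.group("host"),
           "prefix": m.group("prefix").rstrip(":")}
    flags = []
    for token in m.group("fields").split():
        if "=" in token:
            key, value = token.split("=", 1)   # MAC=... keeps its inner colons
            rec[key] = value
        else:
            flags.append(token)                # bare tokens: DF, SYN, ACK, PSH ...
    rec["flags"] = " ".join(flags)
    return rec

def summarize(log_text, columns):
    """columns: user-defined (header, field) pairs; a missing field (e.g. DPT on ICMP) shows as '-'."""
    return [[rec.get(field, "-") for _, field in columns]
            for rec in map(parse_line, log_text.splitlines()) if rec is not None]

def render_table(columns, rows):
    headers = [h for h, _ in columns]
    widths = [max(len(c) for c in col) for col in zip(headers, *rows)]
    fmt = " | ".join("{:<%d}" % w for w in widths)
    return "\n".join(fmt.format(*r) for r in [headers] + rows)

COLUMNS = [("Time", "time"), ("Source", "SRC"), ("Destination", "DST"),
           ("Proto", "PROTO"), ("Dst port", "DPT"), ("Content of prefix", "prefix")]

if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_LOG
    print(render_table(COLUMNS, summarize(text, COLUMNS)))
```

Run it as `python3 iptlog.py /var/log/kern.log` (or whichever file rsyslog writes the kernel messages to) and edit COLUMNS to change the report; any `key=value` field from the record (SPT, TTL, IN, OUT, ...) can be used as a column.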