Easy to use iptables log analyzer

For example, I have the following 3 records in an iptables log file (.log).

Mar 9 17:05:22 xxx-ThinkPad kernel: [ 9554.663838] A-Prefix-NAME: IN=br0 OUT=br0 PHYSIN=enx00051ba2d1e4 PHYSOUT=enp0s25 MAC=00:c0:3a:17:10:33:00:14:4f:56:85:91:08:00 SRC=192.168.1.1 DST=192.168.1.2 LEN=50 TOS=0x00 PREC=0x00 TTL=64 ID=40273 DF PROTO=TCP SPT=50467 DPT=4031 WINDOW=49640 RES=0x00 ACK PSH URGP=0
Mar 9 17:06:44 xxx-ThinkPad kernel: [ 9636.123851] A-Prefix-NAME: IN=br0 OUT=br0 PHYSIN=enx00051ba2d1e4 PHYSOUT=enp0s25 MAC=00:c0:3a:17:10:33:00:14:4f:56:85:91:08:00 SRC=192.168.1.1 DST=192.168.1.2 LEN=50 TOS=0x00 PREC=0x00 TTL=64 ID=40273 DF PROTO=TCP SPT=50467 DPT=4031 WINDOW=49640 RES=0x00 ACK PSH URGP=0
Mar 9 17:10:22 xxx-ThinkPad kernel: [ 9854.121740] A-Prefix-NAME: IN=br0 OUT=br0 PHYSIN=enx00051ba2d1e4 PHYSOUT=enp0s25 MAC=00:c0:3a:17:10:33:00:14:4f:56:85:91:08:00 SRC=192.168.1.1 DST=192.168.1.2 LEN=50 TOS=0x00 PREC=0x00 TTL=64 ID=40273 DF PROTO=TCP SPT=50467 DPT=4031 WINDOW=49640 RES=0x00 ACK PSH URGP=0

I want an iptables analyzer that loads this .log file, automatically analyzes each record line by line, and generates output using user-defined parameters.

For example:

Time | Source | Destination | Content of prefix
xxxx | xxxxxx | xxxxxxxxxx | A-Prefix-Name
...... (summary of each record)

How can I achieve this? I can Google several existing log analyzers, but I find many of them need e.g. MySQL, additional packages, HTML pages, etc. I prefer to try an easy-to-use and straightforward tool first.

asked Mar 14 at 13:09 by Li Dong
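One way to get exactly this kind of table with nothing but sh and awk, with no database or extra packages (an added example, not code from the question or from any existing analyzer): the function below takes the column names as its parameters, so `iptables_table TIME SRC DST PREFIX` reproduces the layout asked for above; `sample_log` embeds the three records from the question as constructed input, and the names `iptables_table`, `sample_log`, `TIME` and `PREFIX` are this example's own choices.

```shell
#!/bin/sh
# Added example (not from the question): render iptables LOG records as a
# pipe-separated table whose columns the caller picks, using only sh + awk.
# A column is any KEY of a "KEY=value" token in the record (SRC, DST, SPT,
# DPT, PROTO, IN, OUT, MAC, ...) plus two pseudo-columns defined here:
# TIME (the syslog stamp) and PREFIX (the --log-prefix text that sits
# between the "[uptime]" stamp and "IN=").
iptables_table() {
    awk -v cols="$*" '
    BEGIN {
        n = split(cols, want, " ")
        for (i = 1; i <= n; i++) printf "%s%s", want[i], (i < n ? " | " : "\n")
    }
    /kernel:/ && / IN=/ {
        split("", kv)                       # reset per record (portable form)
        kv["TIME"] = $1 " " $2 " " $3
        pfx = $0
        sub(/^.*\] /, "", pfx)              # drop everything up to "] "
        sub(/ *IN=.*$/, "", pfx)            # drop from IN= to end of line
        sub(/:$/, "", pfx)                  # a prefix ends in ":" when present
        kv["PREFIX"] = (pfx == "" ? "-" : pfx)
        for (i = 1; i <= NF; i++)           # flag-only tokens (DF, ACK, PSH)
            if (split($i, p, "=") == 2) kv[p[1]] = p[2]   # have no "=": skipped
        for (i = 1; i <= n; i++)            # unknown column -> "-"
            printf "%s%s", (want[i] in kv ? kv[want[i]] : "-"), (i < n ? " | " : "\n")
    }'
}

# Constructed sample input: the three records quoted in the question.
sample_log() {
    cat <<'EOF'
Mar 9 17:05:22 xxx-ThinkPad kernel: [ 9554.663838] A-Prefix-NAME: IN=br0 OUT=br0 PHYSIN=enx00051ba2d1e4 PHYSOUT=enp0s25 MAC=00:c0:3a:17:10:33:00:14:4f:56:85:91:08:00 SRC=192.168.1.1 DST=192.168.1.2 LEN=50 TOS=0x00 PREC=0x00 TTL=64 ID=40273 DF PROTO=TCP SPT=50467 DPT=4031 WINDOW=49640 RES=0x00 ACK PSH URGP=0
Mar 9 17:06:44 xxx-ThinkPad kernel: [ 9636.123851] A-Prefix-NAME: IN=br0 OUT=br0 PHYSIN=enx00051ba2d1e4 PHYSOUT=enp0s25 MAC=00:c0:3a:17:10:33:00:14:4f:56:85:91:08:00 SRC=192.168.1.1 DST=192.168.1.2 LEN=50 TOS=0x00 PREC=0x00 TTL=64 ID=40273 DF PROTO=TCP SPT=50467 DPT=4031 WINDOW=49640 RES=0x00 ACK PSH URGP=0
Mar 9 17:10:22 xxx-ThinkPad kernel: [ 9854.121740] A-Prefix-NAME: IN=br0 OUT=br0 PHYSIN=enx00051ba2d1e4 PHYSOUT=enp0s25 MAC=00:c0:3a:17:10:33:00:14:4f:56:85:91:08:00 SRC=192.168.1.1 DST=192.168.1.2 LEN=50 TOS=0x00 PREC=0x00 TTL=64 ID=40273 DF PROTO=TCP SPT=50467 DPT=4031 WINDOW=49640 RES=0x00 ACK PSH URGP=0
EOF
}

# Stand-alone usage: the column list is the "user-defined parameters".
# On a real box: iptables_table TIME SRC DST DPT PREFIX < /var/log/kern.log
sample_log | iptables_table TIME SRC DST PREFIX
```

Because every `KEY=value` token is indexed, the same function answers "which destination ports did a given prefix hit" by passing `PREFIX DPT PROTO`, and piping the output through `sort | uniq -c` gives the per-record summary counts.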