Documentation of the Netfilter log format:
Netfilter Log Format,
logi.cc/linux/netfilter-log-format.php3.
The following tools are suitable for analysing firewall logfiles:
Netfilter Log Analyzer,
logi.cc/linux/NetfilterLogAnalyzer.php3.
Web-based; accepts up to ten lines from a Netfilter or Ipchains
logfile as input. The analysis tool does not aggregate the logfile
data; instead it prints a detailed commentary on each of the
entries.
Logwatch,
www2.logwatch.org:81.
»Logwatch is a customizable log analysis system. Logwatch
parses through your system's logs for a given period of time and
creates a report analyzing areas that you specify, in as much detail
as you require. Logwatch is easy to use and will work right out of
the package on most systems«.
Fwlogwatch,
fwlogwatch.inside-security.de.
»Fwlogwatch is a packet filter / firewall / IDS log
analyzer written by Boris Wesslowski originally for RUS-CERT. It
supports a lot of log formats and has many analysis options. It also
features incident report and realtime response capabilities, an
interactive web interface and internationalization«.
Shorewall: parsefw,
www.shorewall.net/pub/shorewall/parsefw.
Shorewall-specific analysis scripts.
Aaron's Linux Scripts: ADMLogger (plus various plugins),
www.fireparse.com,
aaron.marasco.com/linux.html.
»ADMLogger is a log analyzing engine based on 'fireparse.'
After I had written fireparse, I had found myself writing little
scripts based on it. Like one that told me what my FTP server did
that day. And then more things like - were unauthorized machines
trying to get IP addresses from my DHCP server? So I decided to rip
out the 'engine' of fireparse to create a generic log analyzer
system. Using this core, I could easily build upon it with plugins.
This also made it easier on my systems since there was now only one
entry for cron, and I didn't have different code everywhere - a bug
fix in fireparse had me searching the rest of my systems looking to
see if I still used that line« (aaron.marasco.com/linux.html,
28-Nov-2004).
Isoqlog,
www.enderunix.org/isoqlog.
»Isoqlog is an MTA log analysis program written in C. It is
designed to scan qmail, postfix, sendmail and exim logfiles and
produce usage statistics in HTML format for viewing through a
browser. It produces Top domains output according to Sender,
Receiver, Total mails and bytes; it keeps your main domain mail
statistics with regard to Days Top Domain, Top Users values for per
day, per month and years« (source:
www.enderunix.org/isoqlog; accessed: 16-Dec-2004).