Latest version: 2.4.3
 

SnortALog: IDS/IPS and Firewall Log Analyser
Expected NETFILTER logs
 
NETFILTER syslog alert (as written to syslog by the kernel's iptables LOG target; HOST_NETFILTER and AAA.BBB.CCC.DDD are placeholders for the real hostname and addresses)
Log 1: Nov 17 12:23:49 HOST_NETFILTER kernel: IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=AAA.BBB.CCC.DDD DST=AAA.BBB.CCC.DDD LEN=36 TOS=0x10 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=123 DPT=32768 LEN=16
Log 2: Nov 17 14:34:04 HOST_NETFILTER kernel: IN=eth0 OUT= MAC=00:10:5a:b1:25:1d:08:00:20:86:af:22:08:00 SRC=AAA.BBB.CCC.DDD DST=AAA.BBB.CCC.DDD LEN=56 TOS=0x00 PREC=0x00 TTL=47 ID=357 PROTO=ICMP TYPE=3 CODE=3 [SRC=AAA.BBB.CCC.DDD DST=AAA.BBB.CCC.DDD LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=62973 DF PROTO=TCP INCOMPLETE [8 bytes] ]
Log 3: Nov 25 17:16:16 HOST_NETFILTER kernel: IN=eth0 OUT= MAC=00:10:5a:b1:25:1d:00:02:b3:c8:44:90:08:00 SRC=AAA.BBB.CCC.DDD DST=AAA.BBB.CCC.DDD LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=41762 DF PROTO=TCP SPT=59626 DPT=113 WINDOW=5544 RES=0x00 SYN URGP=0
Log 4: Dec 14 22:35:10 HOST_NETFILTER kernel: IN=eth1 OUT=eth0 SRC=AAA.BBB.CCC.DDD DST=AAA.BBB.CCC.DDD LEN=180 TOS=0x10 PREC=0x00 TTL=62 ID=32089 DF PROTO=TCP SPT=22 DPT=35892 WINDOW=9120 RES=0x00 ACK PSH URGP=0
Log 5: Dec 15 10:09:36 HOST_NETFILTER kernel: IN=eth0 OUT=eth1 SRC=AAA.BBB.CCC.DDD DST=AAA.BBB.CCC.DDD LEN=56 TOS=0x00 PREC=0x00 TTL=252 ID=51475 PROTO=ICMP TYPE=3 CODE=13 [SRC=192.168.1.66 DST=217.5.100.1 LEN=57 TOS=0x00 PREC=0x00 TTL=122 ID=58633 PROTO=UDP SPT=1308 DPT=53 LEN=37 ]
Log 6: Dec 15 10:11:11 HOST_NETFILTER kernel: IN=eth0 OUT=eth1 SRC=AAA.BBB.CCC.DDD DST=AAA.BBB.CCC.DDD LEN=56 TOS=0x00 PREC=0x00 TTL=252 ID=54737 PROTO=ICMP TYPE=3 CODE=13 [SRC=AAA.BBB.CCC.DDD DST=AAA.BBB.CCC.DDD LEN=60 TOS=0x00 PREC=0x00 TTL=122 ID=63242 PROTO=UDP SPT=1385 DPT=53 LEN=40 ]
Log 7: Dec 15 13:12:09 HOST_NETFILTER kernel: IN=eth1 OUT=eth0 SRC=AAA.BBB.CCC.DDD DST=AAA.BBB.CCC.DDD LEN=76 TOS=0x00 PREC=0x00 TTL=126 ID=47652 PROTO=UDP SPT=123 DPT=123 LEN=56
Log 8: Dec 21 03:36:51 HOST_NETFILTER kernel: IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0e:6a:d2:c2:00:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=328 TOS=0x00 PREC=0x00 TTL=60 ID=0 PROTO=UDP SPT=68 DPT=67 LEN=308
Log 9: Jun 16 12:11:10 HOST_NETFILTER kernel: IN=eth0 OUT= MAC=00:0a:5e:55:1a:c2:00:c0:9f:41:d7:7d:08:00 SRC=AAA.BBB.CCC.DDD DST=AAA.BBB.CCC.DDD LEN=246 TOS=0x00 PREC=0x00 TTL=61 ID=54732 PROTO=UDP SPT=32784 DPT=1470 LEN=226

powered by Jérémy Chartier
© SnortALog 2000-2011