[fwAnalog] Help needed changing LOGFORMAT

From: Chris Arrowood (chris.arrowood~AT~cybertivity.com)
Date: Tue Aug 19 2003 - 04:01:08 CEST

Could anyone help a newbie? :-)

I do not know how to change the format. Any pointers?

(I use metalog as my logger. Here is the (anonymized) output when fwanalog runs against /var/log/everything/current)

<...snipped many lines similar to the next...> C: 2003 Aug 18 16:54:25 [kernel] IN=eth1 OUT= MAC= SRC= DST= LEN=48 TOS=0x00 PREC=0x00 TTL=118 ID=34067 DF PROTO=TCP SPT=4865 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0 C: *
analog: Warning L: Large number of corrupt lines in logfile /root/firewall/fwanalog.all.log: turn debugging on or try different LOGFORMAT
Current logfile format:
%S %j %u [%d/%M/%Y:%h:%n:%j] "%j%w%r%wHTTP%j" %c %b "%f" "%j" %t %v\n


