[fwAnalog] Fwanalog on Watchguard Firebox

From: Steven Schnee (slider2717~AT~hotmail.com)
Date: Wed Jul 07 2004 - 22:17:15 CEST

• Next message: Balázs Bárány: "Re: [fwAnalog] Fwanalog on Watchguard Firebox"
• Previous message: Balázs Bárány: "Re: [fwAnalog] fwanalog to chart outgoing web traffic"
• Next in thread: Balázs Bárány: "Re: [fwAnalog] Fwanalog on Watchguard Firebox"
• Reply: Balázs Bárány: "Re: [fwAnalog] Fwanalog on Watchguard Firebox"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hello all,

I looked over all the previous postings and did not see anything on Watchguard. I am using analog 5.32 and fwanalog 0.6.4 on Red Hat 7.3.

I have tried running fwanalog on the following logfiles:

logfiles with the .wgl extension
logfiles that were exported to text via Historical Reports utility logfiles that were sent to Syslog via Log_Local0

The logfiles have thousands of entries with both accepts and drops. I changed the fwanalog.opts.watchguard file to fwanalog.opts.

When I run the fwanalog script it takes 1 second and does not produce errors. It does produce a report that contains the following:

Block statistics of your firewall created by fwanalog 0.6.4

General Summary

In addition to reviewing proior postings I have also attempted many google searched with little results. Has anyone had success with Firebox logs? The text export is comma delimited, so is there a fwanalog config file that I can edit to tell it what fields are in my logfile?

Thanks!
Steve

• Next message: Balázs Bárány: "Re: [fwAnalog] Fwanalog on Watchguard Firebox"
• Previous message: Balázs Bárány: "Re: [fwAnalog] fwanalog to chart outgoing web traffic"
• Next in thread: Balázs Bárány: "Re: [fwAnalog] Fwanalog on Watchguard Firebox"
• Reply: Balázs Bárány: "Re: [fwAnalog] Fwanalog on Watchguard Firebox"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.5 : Sat Jul 10 2004 - 21:02:03 CEST