[fwAnalog] analog warnings

From: Richard Witt <rwitt~AT~penson.com>
Date: Tue Aug 08 2006 - 20:53:15 CEST


I am testing fwanalog to see if it will serve the purpose of the reporting we need done from all of our linux firewalls. I have it installed on my machine and i have edited the fwanalog.opts file to suit my test environment. Fwanalog runs fine until it calls analog then it starts spitting out errors and never completes. The html files are created, but from the errors the log file is never read. Here is the error i get:

analog: analog version 5.32/Unix
analog: Warning F: Failed to open logfile   /root/fwanalog.out/fwanalog.all.log*: ignoring it   (For help on all errors and warnings, see docs/errors.html) analog: analog version 5.32/Unix
analog: Warning F: Failed to open logfile   /root/fwanalog.out/fwanalog.all.log*: ignoring it   (For help on all errors and warnings, see docs/errors.html) analog: analog version 5.32/Unix
analog: Warning F: Failed to open logfile   /root/fwanalog.out/fwanalog.all.log*: ignoring it   (For help on all errors and warnings, see docs/errors.html) analog: analog version 5.32/Unix
analog: Warning F: Failed to open logfile   /root/fwanalog.out/fwanalog.all.log*: ignoring it   (For help on all errors and warnings, see docs/errors.html)

The log file is there and it is readable. I am running everything as root also.
Output of ls -l

wslinux-rwitt fwanalog.out # ls -l
total 5184406
-rw-r--r-- 1 root root 855 Aug 8 13:45 alldates.html
-rw-r--r-- 1 root root 0 Aug 8 13:44 analog-domains.tab
-rw-r--r-- 1 root root 756 Aug 8 13:45 analog.err
-rw-r--r-- 1 root root 5303630856 Aug 8 13:27 fwanalog.all.log
-rw-r--r-- 1 root root 855 Aug 8 13:45 lastweek.html
-rw-r--r-- 1 root root 855 Aug 8 13:45 today.html
-rw-r--r-- 1 root root 337 Aug 8 13:45 today.txt

Any help would be appreciated. Our whole institution uses linux firewalls and we would really like to have reporting capabilities.

--

Richard Witt
Network Security Engineer
Penson Financial Services
Phone: 2147651237

"It is often easier to not do something dumb than it is to do something smart." -- Unknown

Important Notice: This email is confidential, may be legally privileged, and is for the intended recipient(s) only. Access, disclosure, copying, distribution, or reliance on any information contained herein by anyone other than the intended recipient(s) is prohibited and may be a criminal offense. Please delete if obtained in error and email confirmation to the sender. Received on Tue Aug 08 20:53:18 2006

This archive was generated by hypermail 2.1.8 : Thu Sep 14 2006 - 08:22:04 CEST