Sure there is. In the firewall logs there is a section for rules. First thing is make sure all rules are set to log (keep in mind you will increase load on firewalls and logging/management servers).
Then you will have a few options: 1) use SmartReporter (you may not need to turn on logging on all rules for this one). 2) You can export your log and parse through it. Writing your own scripts. 3) There are plenty of parsers freely available http://www.loganalysis.org/sections/parsing/application-specific/ One that was simple to setup is http://www.fellhauer-web.de/projects/fw1-loggrabber.html Christian Chiaverini > -----Original Message----- > From: Mailing list for discussion of Firewall-1 > [mailto:[EMAIL PROTECTED] On Behalf > Of Vijayendra Sharma > Sent: Thursday, June 02, 2005 4:38 AM > To: [email protected] > Subject: [FW-1] Rulebase Hit Count. > > Hi All, > > I want to streamline my rulebase depending upon hit-list. ie; > I plan to move most used rule towards the top of rule-base. > > Is there a way I can have counts of hits for each rule in a rule-base? > > Best Regards, > Vijayendra K. S. > > Send instant messages to your online friends > http://asia.messenger.yahoo.com > > ================================================= > To set vacation, Out-Of-Office, or away messages, send an > email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your subscription > options, email [EMAIL PROTECTED] > ================================================= > ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
