Our management console ftps our logs to a FreeBSD box, where we can
parse them (or combine them and parse them) with scripts.
The problem is in the logs themselves. Here is the first line from
each of the last 6 days.
num,date,time,orig,type,action,alert,i/f_name,i/f_dir,proto,src,dst,
rule,icmp-type,icmp-code,xlatesrc,xlatedst,service,s_port,len,reason:,
xlatesport,xlatedport,port:,IKELog:,sys_msgs
num,date,time,orig,type,action,alert,i/f_name,i/f_dir,proto,src,dst,
service,s_port,len,rule,xlatesrc,xlatedst,reason:,xlatesport,xlatedport,
icmp-type,icmp-code,port:,sys_msgs
num,date,time,orig,type,action,alert,i/f_name,i/f_dir,proto,src,dst,
service,s_port,len,rule,xlatesrc,xlatedst,reason:,xlatesport,xlatedport,
icmp-type,icmp-code,IKELog:,port:,sys_msgs
num,date,time,orig,type,action,alert,i/f_name,i/f_dir,proto,src,dst,
service,s_port,len,rule,xlatesrc,xlatedst,icmp-type,icmp-code,xlatesport,
xlatedport,reason:,port:,IKELog:,sys_msgs
num,date,time,orig,type,action,alert,i/f_name,i/f_dir,proto,src,dst,
service,s_port,len,rule,xlatesrc,xlatedst,icmp-type,icmp-code,xlatesport,
xlatedport,reason:,port:,IKELog:,sys_msgs
num,date,time,orig,type,action,alert,i/f_name,i/f_dir,proto,src,dst,
service,s_port,len,rule,xlatesrc,xlatedst,xlatesport,xlatedport,icmp-type,
icmp-code,reason:,port:,IKELog:,sys_msgs
My question is this: Why does the order of the columns change from day
to day? How do I control this?
Thanks.
Ned Fleming
--
Ned Fleming
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
