If your log is too large I'd carefully evaluate which rules are logging. From the Google search "firewall log parsing" I received the following interesting results:
http://www.aetdata.com/tracer/firewalllogtutorial.html talks about parsing firewall logs
http://www.dixongroup.net/hatchet/ is a tool for parsing OpenBSD PF logs,

> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:owner-freebsd-
> [EMAIL PROTECTED] On Behalf Of Darryl Hoar
> Sent: Monday, September 13, 2004 8:13 AM
> To: [EMAIL PROTECTED]
> Subject: IPFILTER - Understanding log entries
>
> Greetings,
> I have a machine installed with FreeBSD & IPFILTER.
> The machine is set up as a firewall.
>
> The log files generated are large. First, is there a
> tutorial or tool that will process the log file and show
> what the threat is? (if there is one).
>
> Also, how do others handle the volume of entries in
> the log file?
>
> thanks,
> Darryl
>
> _______________________________________________
> [EMAIL PROTECTED] mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-
> [EMAIL PROTECTED]"
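
One way to see which rules are producing the volume, as an added example that is not part of the original thread: a tally of ipmon entries per rule and per blocked source. It assumes ipmon is logging through syslog in its usual one-line format; the sample lines are constructed and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample lines in ipmon's syslog format (documentation addresses).
SAMPLE_LOG = """\
Sep 13 08:13:01 fw ipmon[214]: 08:13:00.512345 fxp0 @0:12 b 192.0.2.10,4321 -> 198.51.100.5,22 PR tcp len 20 60 -S IN
Sep 13 08:13:02 fw ipmon[214]: 08:13:01.100200 fxp0 @0:12 b 192.0.2.10,4322 -> 198.51.100.5,23 PR tcp len 20 60 -S IN
Sep 13 08:13:05 fw ipmon[214]: 08:13:04.000100 2x fxp0 @0:7 p 198.51.100.5,1025 -> 203.0.113.9,53 PR udp len 20 64 OUT
Sep 13 08:13:09 fw ipmon[214]: 08:13:08.730001 fxp0 @0:12 b 192.0.2.77 -> 198.51.100.5 PR icmp len 20 84 icmp echo/0 IN
Sep 13 08:13:10 fw syslogd: unrelated line
"""

# Fields: time, optional repeat count ("2x"), interface, @group:rule,
# action (p = pass, b = block), source[,port] -> destination[,port], PR protocol.
ENTRY = re.compile(
    r"ipmon\[\d+\]: \S+ (?:(?P<count>\d+)x )?(?P<iface>\S+) "
    r"@(?P<group>\d+):(?P<rule>\d+) (?P<action>\S+) "
    r"(?P<src>[^,\s]+)(?:,(?P<sport>\S+))? -> "
    r"(?P<dst>[^,\s]+)(?:,(?P<dport>\S+))? PR (?P<proto>\S+)"
)

def parse(text):
    """Yield one dict per ipmon entry; lines that are not ipmon entries are skipped."""
    for line in text.splitlines():
        m = ENTRY.search(line)
        if m:
            e = m.groupdict()
            e["count"] = int(e["count"] or 1)  # "2x" means the packet was seen twice
            e["rule"] = e["group"] + ":" + e["rule"]
            yield e

def tally_rules(text):
    """Count logged packets per (group:rule, action) to show which rules fill the log."""
    hits = Counter()
    for e in parse(text):
        hits[(e["rule"], e["action"])] += e["count"]
    return hits

def blocked_sources(text):
    """Count blocked packets per source address."""
    hits = Counter()
    for e in parse(text):
        if e["action"] == "b":
            hits[e["src"]] += e["count"]
    return hits

if __name__ == "__main__":
    for (rule, action), n in tally_rules(SAMPLE_LOG).most_common():
        print(f"rule @{rule} action={action} packets={n}")
    for src, n in blocked_sources(SAMPLE_LOG).most_common():
        print(f"blocked source {src} packets={n}")
```

The rule numbers in the output can be matched against the numbered listing from `ipfstat -ion` to decide which rules still need the `log` keyword.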