Any way to use LIRE for Check Point?
Francis J. Lacoste
flacoste at logreport.org
Wed Jan 7 17:13:34 CET 2004
Hello Darren,
A user contributed a DLF converter for CheckPoint Firewall.
It is not enabled by default because it requires additionnal tools.
You need to install the Date::Manip CPAN module and download
the fw1-loggrabber helper application from
http://www.fellhauer-web.de/projects/fw1-loggrabber.html
Once these dependencies are installed. You need to enable
the DLF converter. To do this, just replace the line
#fw_lea firewall
line in the <sysconfdir>/lire/address.cf file by
fw1_lead firewall
(There is a typo in the service name, it's fw1_lea, not fw_lea.)
More information on FW1 support can be obtained by reading the
fw1_lea(1) man page.
On Mon, 2003-11-24 at 12:13, Darren Fine wrote:
> Hi there,
>
> Is there any way to use LIRE for analyzing Check Point Firewall
> exported log files?
>
> (maybe a something to convert the logs to Welf format or something)
>
> I look forward to hearing from you.
>
Kind regards,
Francis J. Lacoste
--
Francis J. Lacoste . . http://www.logreport.org
/^LogReport$/ . . flacoste at logreport.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.logreport.org/pipermail/questions/attachments/20040107/6843df7e/attachment.bin
More information about the Questions
mailing list