Log Export

Yardyy

Technical User
Aug 13, 2002
448
GB
Hi,

I need to export the FW logs in ASCII format. I use this command at the command prompt:

fwm logexport -i logname.log -o logname.txt

Got a few questions..

1. Is there any way to automate the procedure for doing the export? I have to enter the name of the log file to export each time.

2. Is there any other application that I can export the logs to and then perform the conversion of the logs? Currently I do the conversion on the Nokia box, and at times it slows down a lot.

3. I currently use NETiQ Firewall reporting suite for reporting. Does anybody have any other recommendations?

thanks for all your help.

 
So far I have my FW scripted to do a logswitch every night, then ftp the files off to an ftp server the next day. Are you doing the conversion for reporting purposes? If so, the way we do it is we use Webtrends FW suite; we allow a PC to use the leah service, which allows the PC to capture the logfile, create and send email with reports. Don't notice any impact on our mgmt station.
[cheers]
 
That sounds good. Any chance you could show or send me your script that does the conversion and ftp? Please remove all your company's IP addresses and so on from the script before you display it. I remember one time on exchange-admins this guy put a complete script on the BB; he later changed his passwords.

What is this leah service, and is your FW installed on NT or another platform?

thanks in advance..

 
NP, I'll have to post it a little later today, approx 1pm EST. I know I already have them posted in this group, but I'm not sure of the thread.
[cheers]
 
Here are the scripts you'll need; you can use a cron job to schedule them. I have attached a cleanup which will delete the logfiles a day after they have been switched (i.e. you would have today's and yesterday's logfiles, but any prior would be deleted). Make sure the ftp process is working before you schedule the cleanup.
logswitch
#! /bin/csh
#
# This file was created by Access 2 Networks.
# The purpose of the file is to run the fw logswitch command.
#
# The next line reads in environment variables for this session.
#
source /var/etc/pm_cshrc
#
setenv NAME `uname -n`
setenv DATE `date +%d%b%Y-%H%M`
# The next line runs the command.
#
fw logswitch $NAME-$DATE
-----------------------------------------------------------
fwlog-ftp
#! /bin/csh
#
# This file was created by Access 2 Networks.
# The purpose of the file is to ftp log files to an FTP server.
#
# The next line reads in environment variables for this session.
#
source /var/etc/pm_cshrc
#
# The next line sets the environment variable for NAME and FWLOG.
#
setenv NAME `uname -n`
setenv FWLOG `date +%d%b%Y-%H`
#
# The next line changes directories.
#
cd /opt/CPfw1-50-03/log
#
# The next line zips up the files and then deletes the original log files.
#
#tar -cvzf /opt/CPfw1-50-03/log`uname -n`-`date +%d%b%Y-%H%M`-fwlog.tgz $NAME-$FWLOG* |xargs rm -rf
#
# The next section opens an ftp session and puts the files onto the ftp server.
# It uses the .netrc file for the username and password for the ftp setting.
#
cd /opt/CPfw1-50-03/log
ftp -i <ip of ftp server> << HERE
binary
mput $NAME*
lcd /var/admin
mput $NAME*
close
quit
HERE
-----------------------------------------------------------
cleanup
#! /bin/csh
#
# This file was created by Access 2 Networks.
# The purpose of the file is to delete files that are old.
#
# The next line reads in environment variables for this session.
#
source /var/etc/pm_cshrc
setenv NAME `uname -n`
#
# The next line finds this host's log files in /opt/CPfw1-50-03/log and
# deletes any files that are more than 1 day old.
# This is defined by the number after the +.
#
find /opt/CPfw1-50-03/log/$NAME* -ctime +1 -exec rm {} \;
-----------------------------------------------------------
.netrc
machine <ipaddress> login <ftpuserid> password <password>
 
This is very good.

Do you know of any good resources on how to learn this type of scripting ??

Thanks very much, that will be very helpful.

Thanks
 
I know there are 2 Nokia NSA courses; the second incorporates scripting. They are fairly pricey, so what I would do is take some college Unix courses that incorporate scripting and pick up a cheap Nokia box as a sandbox. IPSO is a pre-hardened BSD Unix, and basically Unix is Unix is Lnix.
[cheers]
 
Thanks very much for the tips, and the sample script.

Yardyy
 
Hi,

When I do an export, there's not very much information in the file.

I want to make a report where I can see the top surfers in
our company (bandwidth utilization).

Can you tell me how to make a detailed logfile with Check Point NG?
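
Added example, not part of any post in this thread: one way to automate question 1, running the fwm logexport command from the first post over every switched log that has no finished export yet, so it can be scheduled from cron after the nightly logswitch. It assumes switched logs end in .log and that the active log is named fw.log; FWM_CMD and ACTIVE_LOG are hypothetical override variables introduced here.

```sh
#!/bin/sh
# Added example: batch-export switched FireWall-1 logs to ASCII text.
# Assumptions: switched logs end in .log, the active log is fw.log, and
# FWM_CMD / ACTIVE_LOG are hypothetical override variables.
FWM_CMD=${FWM_CMD:-fwm}
ACTIVE_LOG=${ACTIVE_LOG:-fw.log}
umask 077    # exported firewall logs readable by the owner only

# Succeeds if log file $1 still needs an export.
needs_export() {
    [ -f "$1" ] || return 1                        # glob matched nothing
    [ "${1##*/}" != "$ACTIVE_LOG" ] || return 1    # still being written
    [ ! -s "${1%.log}.txt" ]                       # no finished export yet
}

# Export every pending log in directory $1; print how many succeeded.
export_pending() {
    exported=0
    for f in "$1"/*.log; do
        needs_export "$f" || continue
        out="${f%.log}.txt"
        # Write to a .part file first so an interrupted run is retried
        # instead of leaving a truncated .txt that looks complete.
        if "$FWM_CMD" logexport -i "$f" -o "$out.part"; then
            mv "$out.part" "$out"
            exported=$((exported + 1))
        else
            rm -f "$out.part"
            echo "export failed: $f" >&2
        fi
    done
    echo "$exported"
}

# Cron usage: fw-export.sh /path/to/log/directory
if [ "$#" -ge 1 ]; then
    export_pending "$1"
fi
```

Running the export on a machine other than the firewall, as question 2 asks, only changes which directory is passed in; the loop itself is the same.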
 