fwlogsum is a perl script to summarise FW1 logs making it easier to see what services are being blocked or allowed through your firewall. It provides many sorting and filtering options and also handles address/port translation.
In addition, it can also handle logs from other firewalls by using a converter.
The report output can be in text (80 or 132 column output) or in HTML. The HTML report option is in table format and has additional functions over the ASCII report, such as bar chart summaries and specified highlighted entries.
You can process both standard logs and accounting logs.
It can be run on Unix or NT servers and is designed to work with Firewall-1 3.x, 4.x and NG. It should work with any future releases unless there are major changes in logging.
For users with Firewall-1 1.x or 2.x, there is an older release that will work with these versions.
The following log features are recognised:
- Accept, Drop and Reject entries.
- NAT'ed entries.
- Encrypted/Decrypted entries.
- Alert entries.
- SmartDefense entries.