pflogx 0.86 review
pflogx is a simple tool that exports OpenBSD packet filter logs to XML files.
pflogx reads a binary log file generated by the pf logging daemon (pflogd) and generates a human-readable XML file that is easy to process.
Using an XSLT processor you can convert this XML file to any other format, such as HTML, CSV, or SQL.
Installation:
Installation of pflogx is quite simple. Just type the following commands to compile it and install it in the /usr/local/bin directory:
# make
# cp src/pflogx /usr/local/bin/pflogx
Usage:
Executed without options, pflogx reads a packet filter log file from standard input and writes an XML file containing all entries of the log file to standard output.
Available options are detailed in the next section.
The output XML file contains the following fields:
- Date,
- Interface name,
- Action,
- Rule number,
- Direction,
- Protocol,
- Source address,
- Source port,
- Destination address,
- Destination port.
The last four fields are only defined when the protocol is TCP or UDP.
What's New in This Release:
The code was fixed to allow building with GCC 2.
An XSLT file was added for generating XHTML 1.0 Strict files from the output XML file.
The existing XSLT file for generating HTML was updated to generate HTML 4.01 Strict files.