log2pdf: an example of using txt2pdf to convert PIX and NetScreen log files to PDFs
by SANFACE Software
log2pdf is not a new product. It is simply a new way of using the txt2pdf family of products (txt2pdf, txt2pdf PRO and txt2pdf PRO +crypt).
Every appliance and every application can produce a log file. A log file is usually a text file with specific tags that flag errors, warnings, etc.
We have selected two examples (logs from two firewalls: Cisco PIX and NetScreen) to show how you can convert logs to PDFs, marking the errors, the warnings and any other special tag using standard regular expressions.
We have used this simple example with a few log lines:
Feb 4 23:57:54 gw.foobar.com %PIX-4-106023: Deny udp src outside:xxx.xxx.146.12/2523 dst inside:xxx.xxx.10.2/1434 by access-group "outside_acl"
Feb 5 07:38:50 10.87.62.40 %PIX-5-304001: 10.5.5.1 Accessed URL xxx.xxx.10.2:/aharrison@awod.com?on_url=http://xxx.xxx.10.2/scripts/..%%35c../winnt/system32/cmd.exe?/c+
%PIX-5-111001: Begin configuration: console writing to memory
Dec 19 04:40:54 gw.foobar.com %PIX-4-400027: IDS:3041 TCP SYN+FIN flags from xxx.xxx.146.23 to xxx.xxx.10.2 on interface outside
We have used colour.cfg to mark in a special colour every line that carries a particular %PIX tag:
^.*%PIX-4-106023.*$;0:0:1
^.*%PIX-5-304001.*$;1:0:0
^.*%PIX-4-400027.*$;0:1:0
This syntax uses standard regular expressions. The first line means: colour in RGB (0,0,1), blue, any line that starts (^) with any number of characters (.*), followed by %PIX-4-106023 (the special marker), followed by any number of characters (.*). $ means end of line.
The final Pix pdf
This is a similar example of a NetScreen log:
Feb 5 19:39:42 10.1.1.1 ns25: Netscreen device_id=00351653456 system-notification-00257(traffic): start_time="2003-02-05 19:39:04" duration=0 policy_id=320001 service=1434 proto=17 src zone=Untrust dst zone=Trust action=Deny sent=0 rcvd=40
Feb 5 19:39:42 10.1.1.1 ns25: Netscreen device_id=00351653456 system-notification-00257(traffic): start_time="2003-02-05 19:34:44" duration=1 policy_id=0 service=http proto=6 src zone-Trust dst zone=Untrust action=Permit sent=11903 rcvd-31454 src=10.5.5.1 dst=xxx.xxx.10.2 src_port=1254 dst_port=80 translated
Feb 7 14:37:30 10.1.1.1 ns25: NetScreen device_id=00351653456 system-warning-00515: duration=0 start_time="2003-02-07 14:37:04" netscreen: Admin User "netscreen" logged in for Web(https) management (port 443) from 12.146.232.2:3473. (2003-02-07 14:34:32)
Feb 7 14:41:33 10.1.1.1 ns25: NetScreen device_id=00351653456 system-information-00767: duration=1 start_time="2003-02-07 14:40:04" netscreen: The system configuration was saved by admin -netscreen-. (2003-02-07 14:38:30)
The rules we have used are very similar to the previous example:
^.*system-.*00515.*$;0:0:1
^.*system-.*00767.*$;1:0:0
The final NetScreen pdf
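A way to check which lines a colour.cfg rule set would mark before generating the PDF, as an added example that is not part of the original page and is not txt2pdf's own code. It assumes each rule splits at its last `;` and that the first matching rule wins; `parse_rules`, `colour_for`, the constructed traffic line and the tighter rule are illustrative names and values.

```python
import re

# Rules copied from the page's colour.cfg examples: <regex>;<r>:<g>:<b>
PIX_RULES = r"""
^.*%PIX-4-106023.*$;0:0:1
^.*%PIX-5-304001.*$;1:0:0
^.*%PIX-4-400027.*$;0:1:0
"""
NETSCREEN_RULES = r"""
^.*system-.*00515.*$;0:0:1
^.*system-.*00767.*$;1:0:0
"""
# Hypothetical tighter rule (not from the page): the id must directly follow the severity word.
TIGHT_RULES = r"^.*system-[a-z]+-00767:.*$;1:0:0"

# Lines shortened from the page's samples, plus one constructed traffic line.
PIX_DENY = "%PIX-4-106023: Deny udp src outside:xxx.xxx.146.12/2523 dst inside:xxx.xxx.10.2/1434"
PIX_CONFIG = "%PIX-5-111001: Begin configuration: console writing to memory"
NS_SAVED = "ns25: NetScreen device_id=00351653456 system-information-00767: duration=1"
NS_CONSTRUCTED = "ns25: Netscreen system-notification-00257(traffic): sent=100767 rcvd=40"

def parse_rules(text):
    """Parse rule lines; split at the LAST ';' (assumption) so a regex may contain ';'."""
    rules = []
    for raw in text.splitlines():
        raw = raw.strip()
        if not raw:
            continue
        pattern, sep, colour = raw.rpartition(";")
        parts = colour.split(":")
        if not sep or len(parts) != 3:
            raise ValueError(f"malformed rule: {raw!r}")
        rules.append((re.compile(pattern), tuple(float(p) for p in parts)))
    return rules

def colour_for(line, rules):
    """Colour of the first matching rule (assumed precedence), or None if unmarked."""
    for regex, rgb in rules:
        if regex.search(line):
            return rgb
    return None

if __name__ == "__main__":
    for line in (PIX_DENY, PIX_CONFIG):
        print(colour_for(line, parse_rules(PIX_RULES)), line)
    for rules in (NETSCREEN_RULES, TIGHT_RULES):
        for line in (NS_SAVED, NS_CONSTRUCTED):
            print(colour_for(line, parse_rules(rules)), line)
```

With the page's NetScreen rules, the constructed traffic line is coloured as a 00767 event because `.*` lets the digits match inside `sent=100767`; the tighter rule leaves it unmarked while still marking the real configuration-saved line.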
log2pdf is a trademark of SANFACE Software 2004.
sanface@sanface.com
http://www.sanface.com/