ISC Feature of the Week: How to Submit Firewall Logs
Last Updated: 2012-01-04 14:43:30 UTC
by Adam Swanger (Version: 1)
Each week, usually on Tuesday, we are going to highlight an ISC/DShield site feature so all our users become more aware of all the great functionality that is available!
This week's ISC/DShield feature is How To Submit Your Firewall Logs To DShield and can be found at https://www.dshield.org/howto.html
Much of the reporting on the ISC/DShield websites is from data collected from users submitting firewall logs. There are many existing scripts and services available so chances are high that all you have to do to get started is a quick download and cron on your firewall.
Here's how it's done:
1. Signup is recommended for maximum benefits but not required. See the link below for all the added features an account will give you.
2. Find an existing script to load and cron on your firewall.
3. If, by chance, you don't find an existing client, you can write your own.
Using the data:
1. Access the data and feeds.
2. Browse the data results.
That's a quick link list to get you started. If you can't find the details you're looking for on the website or have a question or comment, please drop us a note in the contact form isc.sans.edu/contact.html
Adam Swanger, Web Developer (GWEB)
Internet Storm Center (http://isc.sans.edu)
In psad.conf you can set
Jan 4th 2012
1 decade ago
Jan 11th 2012
1 decade ago