12-17-2010 04:28 AM - edited 03-11-2019 12:23 PM
I work as a network forensics analyst for a gov't agency. We are getting large amounts of PIX and ASA logs being pushed to our syslog server. I'm trying to create a script to parse/convert the standard PIX/ASA logs into CSV files in order to assist with integration into other products. Has anyone had success with this, or have a Perl / shell script (awk, grep, etc.) written for this task? I would like to capture as much data as possible.
12-17-2010 04:58 AM
What syslog server are you using? The free Kiwi Syslog has an option to spin a new file based on the time or day to a text file automatically, which can be archived later. It seems like Kiwi can export in .csv format. http://www.kiwisyslog.com/help/syslogwebaccess/index.html?export_to_csv.htm
-KS
04-22-2012 03:08 AM
Hi
Can you please send me the shell script with which I can export the Cisco ASA log into CSV format? I have a similar log with the same message type:
6|Apr 19 2012|09:59:24|106100|172.10.140.184|49731|172.20.72.73|23|access-list REGION_in permitted tcp REGION/172.30.140.184(49731) -> INSIDE/172.20.72.73(23) hit-cnt 1 first hit [0x3d0b619a, 0x0]
04-22-2012 02:32 PM
Hello,
You can also have a SQL db pull the data from syslog server and export as CSV.
hth
MS
12-17-2010 05:00 AM
Just a Linux server, no special software; a Linux server with specific cron jobs to pull the data, so ideally I'll be adding a cron job to convert the logs into CSV.
12-20-2010 07:24 AM
Anyone else have any suggestions?
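A Python converter for the pipe-delimited line format quoted earlier in the thread, added here as an example and not code from any poster. The column names and the regex for the 106100 description are assumptions inferred from that one sample line; the `csv` module handles quoting of the comma inside the description, and malformed lines are counted rather than written.

```python
import csv
import io
import re

# Column names are labels chosen for this example (assumed from the sample line).
BASE = ["severity", "date", "time", "msg_id", "src_ip", "src_port",
        "dst_ip", "dst_port", "description"]
EXTRA = ["acl", "action", "proto", "src_if", "dst_if", "hit_cnt"]

# Detail fields of a 106100 (ACL hit) description, as seen in the sample line.
ACL_106100 = re.compile(
    r"access-list (?P<acl>\S+) (?P<action>permitted|denied) (?P<proto>\S+) "
    r"(?P<src_if>[^/\s]+)/\S+ -> (?P<dst_if>[^/\s]+)/\S+ hit-cnt (?P<hit_cnt>\d+)")


def parse_line(line):
    """Return a dict for one exported line, or None if it is malformed."""
    # maxsplit keeps any '|' inside the free-text description intact.
    parts = line.rstrip("\r\n").split("|", len(BASE) - 1)
    if len(parts) != len(BASE) or not parts[3].isdigit():
        return None
    row = dict(zip(BASE, (p.strip() for p in parts)))
    row.update(dict.fromkeys(EXTRA, ""))
    if row["msg_id"] == "106100":
        m = ACL_106100.search(row["description"])
        if m:
            row.update(m.groupdict())
    return row


def to_csv(lines):
    """Convert lines to CSV text; returns (csv_text, skipped_line_count)."""
    out = io.StringIO()
    writer = csv.DictWriter(out, fieldnames=BASE + EXTRA, lineterminator="\n")
    writer.writeheader()
    rows = [parse_line(line) for line in lines]
    good = [r for r in rows if r is not None]
    writer.writerows(good)
    return out.getvalue(), len(rows) - len(good)


SAMPLE = [
    # Line quoted in the thread above.
    "6|Apr 19 2012|09:59:24|106100|172.10.140.184|49731|172.20.72.73|23|access-list REGION_in permitted tcp REGION/172.30.140.184(49731) -> INSIDE/172.20.72.73(23) hit-cnt 1 first hit [0x3d0b619a, 0x0]",
    "truncated|line",  # constructed: malformed input is counted, not written
]

if __name__ == "__main__":
    text, skipped = to_csv(SAMPLE)
    print(text + f"skipped {skipped} malformed line(s)")
```

From a cron job, `to_csv` can be fed an open log file object directly, since it only iterates over lines.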