Converting PIX/ASA logs into CSV

edoig.admin · ‎12-17-2010

I work as a network forensics analyst for a gov't agency. We are getting large amounts of PIX and ASA logs being pushed to our Syslog server. I'm trying to create a script to parse/convert the standard PIX/ASA logs into CSV files in order to assist with integration to other products. Has anyone had success with this, or have a perl / shell script(awk grep, etc) written for this task? I would like to capture as much data as possible.

Kureli Sankar · ‎12-17-2010

What syslog server are you using? The free kiwi syslog has an option to spin a new file based on the time or day to a text file automatically which can be archived later. Seems like kiwi can export in .csv format. http://www.kiwisyslog.com/help/syslogwebaccess/index.html?export_to_csv.htm

-KS

samarjit.das · ‎04-22-2012

Hi

Can you please send me the shell script by which I am export the CIsco ASA log into CSV format. I have similar log with same message type,

6|Apr 19 2012|09:59:24|106100|172.10.140.184|49731|172.20.72.73|23|access-list REGION_in permitted tcp REGION/172.30.140.184(49731) -> INSIDE/172.20.72.73(23) hit-cnt 1 first hit [0x3d0b619a, 0x0]

mvsheik123 · ‎04-22-2012

Hello,

You can also have a SQL db pull the data from syslog server and export as CSV.

hth

MS

edoig.admin · ‎12-17-2010

just a linux server, no special software, linux server with specific cron jobs to pull the data, so ideally i'll be adding a cron job to convert logs into csv.

edoig.admin · ‎12-20-2010

anyone else have any suggestions?