
Extract firewall log information in a csv file for external analysis

Good Morning,

I'd like to do an external analysis of the connections/traffic through our firewall in a certain timeframe (several hours or one day). Basically I need this information in a format that allows me to do an analysis based on the source IP, port and destination IP, port as well as the time, firewall rule and action (e.g. a CSV version of the table below).

I logged in to the firewall and did a fgrep "<ip>" *.log in the directory /log. This gave me only some lines regarding authentication ...

So I assume this is stored somewhere in the database. Is this correct?

When I press the download button on the log viewer, I only get the information in a CSV file as far as I have scrolled down in the window so far, which is not practicable with thousands or hundreds of thousands of entries.

How can this information be extracted?

What timeframe will be available in the firewall log (since last reboot, x days, x hours)?

Is this information available somewhere else more easily, e.g. in iView?

Thanks.


