FireWall-1 FAQ: Third Party Programs for Log Analysis
Please note: This content was from when I was operating my FireWall-1 FAQ site, which I stopped operating in August 2005. For some reason people still have links to this stuff on the Internet that people are still clicking on.
I am making this information available again AS IS. Given how old this information is, it is likely wildly inaccurate. I have no plans to update this information.
If you're still running versions of Check Point VPN-1/FireWall-1 where this information is still relevant to you, do yourself a favor and upgrade to a more recent release. If you happen to be running a current release and the information is useful, it's by happenstance :)
Here are a few sites in no particular order that have log analysis tools for FireWall-1. Note that I do not endorse any of these products.
- Netspective Webreporter
- Lance Spitzner's Logger
- NetIQ's Webtrends suite
- Peter Sundstrom's fwlogsum
- Rajeev Kumar's fwlogstat
- PATROL for Check Point FireWall-1 from BMC Software
- fwrules: http://www.geocities.co.jp/SiliconValley-Cupertino/8240/
- LogLogic firewall log appliance, parses logs in real time into a searchable database
Tevrik Karagulle's open source log analysis program logrep supports FireWall-1 logs: http://logrep.sourceforge.net
Some Unix scripts to maintain firewall logs, written by Chris Hill of Automotive Products Group, Ltd, based on an idea by Feroz Kahn: fwscript.zip (5.0 K)
Ed Ravin wrote a log summarizer in Perl for Windows NT: fw1repo.zip (11.0 K)