Customizing cactiEZ and syslog-ng

Need step-by-step instructions for customizing cactiEZ and syslog-ng to parse incoming firewall syslogs, extract message details and insert them into a MySQL database.

Step-by-step instructions for installing pdbtool and using it on syslog samples to get a regex filter in patterndb XML format.

Step-by-step instructions to install and get the filter to map syslog messages to variables, create tables in the MySQL database, and link incoming message variables to the tables.

Step-by-step instructions to create cactiEZ graphs and lists based on dates, IPs and ports from data in the database.

Sample syslog data:

170.88.112.3 jun/15/2011 12:32:33 system,error,critical login failure for user admin from [url removed, login to view] via ssh

[url removed, login to view] jun/14/2011 12:32:23 system,error,critical Site22: login failure for user root from [url removed, login to view] via ssh

[url removed, login to view] jun/14/2011 10:32:23 firewall,info 17AcmeCorp: input: in:pppoe-out1 out:(none), proto TCP (SYN), [url removed, login to view]:45379->[url removed, login to view], len 60

170.88.112.3 jun/14/2011 10:20:25 firewall,info companyCCC: input: in:ether1WAN out:(none), proto UDP, [url removed, login to view]:53->[url removed, login to view], len 81

Possible variables:

date,time,alerttype,sitenameifexists,protocol,sourceip,sourceport,destinationip,destinationport

Skills: Linux, MySQL, Perl, PHP, System Admin

Project ID: #1104930

1 freelancer is bidding on average $250 for this job

tech2yash

.net/php experienced

$250 USD in 2 days