loggrep

NAME

loggrep - search a log file for packet log entries

SYNOPSIS

loggrep [-cfhxX] [search options] [ filename ]

DESCRIPTION

Loggrep extracts packet log entries from the kernel log file. A log file entry is identified by the string Packet Log (IPCHAINS) or by the PREFIX (IPTABLES). The entries can be filtered by specifying search options. Example: loggrep -s 21 -s 23 -m Nov selects all entries from Nov with source port 21 or 23.

GENERAL OPTIONS

-h
Generate html output.
-x
Display the entries according to the appearance of the SrcIP (quasi portscan mode).
-X
Display the count of entries according to the appearance of the SrcIP (quasi portscan mode).
-c
Generate statistics. For every specified option, the number of times it appears in the log file is displayed.
-f
Follow mode. Reads from a file without stopping.

IPCHAINS SPECIFIC OPTIONS

The following options depend on the definition of your logfile. These are the standard options for IPCHAINS.
-m month
Search for entries with the given month
-y day
Search for entries with the given day
-p protocol
Search for entries with the given protocol number
-S sourceip
Search for entries with the given source IP
-D destinationip
Search for entries with the given destination IP
-s sourceport
Search for entries with the given source port
-d destinationport
Search for entries with the given destination port
-a action
Search for entries with the given action, such as REJECT or DENY
-n device
Search for entries with the given network device

IPTABLES SPECIFIC OPTIONS

The following options depend on the definition of your logfile. These are the standard options for IPTABLES.
-m month
Search for entries with the given month
-y day
Search for entries with the given day
-t time
Search for entries with the given time
-w log prefix
Search for entries with the given log prefix specified by iptables
-p protocol
Search for entries with the given protocol number
-S sourceip
Search for entries with the given source IP
-D destinationip
Search for entries with the given destination IP
-s sourceport
Search for entries with the given source port
-d destinationport
Search for entries with the given destination port
-n device
Search for entries with the given network device
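
The selection rule from the DESCRIPTION example (several values for one option are alternatives, different options must all match) and a per-source count of the kind -X reports, as an added Python example that is not loggrep's own code. It assumes the usual kernel iptables LOG line layout; the keyword names reuse this page's option arguments, and the prefix FW-DROP:, the host name and the addresses are constructed.

```python
import re
from collections import Counter

# Constructed sample lines in the kernel's iptables LOG layout (not real traffic).
SAMPLE_LOG = """\
Nov  3 10:15:01 fw kernel: FW-DROP: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=60 PROTO=TCP SPT=21 DPT=40112
Nov  3 10:15:02 fw kernel: FW-DROP: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=60 PROTO=TCP SPT=23 DPT=40113
Nov  4 08:00:00 fw kernel: FW-DROP: IN=eth1 OUT= SRC=203.0.113.7 DST=198.51.100.5 LEN=60 PROTO=TCP SPT=80 DPT=40200
Oct 30 23:59:59 fw kernel: FW-DROP: IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.5 LEN=60 PROTO=TCP SPT=21 DPT=40300
Nov  4 08:00:05 fw sshd[411]: Accepted publickey for admin from 192.0.2.99
"""

# Syslog header, then the log prefix, which ends where the IN= field starts.
LINE_RE = re.compile(
    r"^(?P<month>\w{3})\s+(?P<day>\d+)\s+(?P<time>[\d:]+)\s+\S+\s+kernel:\s+"
    r"(?P<prefix>.*?)\s*IN=(?P<device>\S*)\s"
)
FIELD_RE = re.compile(r"\b(SRC|DST|PROTO|SPT|DPT)=(\S+)")
FIELD_NAMES = {"SRC": "sourceip", "DST": "destinationip", "PROTO": "protocol",
               "SPT": "sourceport", "DPT": "destinationport"}

def parse(line):
    """Return a dict of fields for a packet log line, or None for any other line."""
    m = LINE_RE.match(line)
    if not m:
        return None
    entry = m.groupdict()
    for key, value in FIELD_RE.findall(line):
        entry[FIELD_NAMES[key]] = value
    return entry

def select(lines, **criteria):
    """Values given for one field are alternatives (OR); all fields must match (AND)."""
    for line in lines:
        entry = parse(line)
        # Entries lacking a field (e.g. ICMP has no ports) never match a filter on it.
        if entry and all(entry.get(f) in wanted for f, wanted in criteria.items()):
            yield entry

def count_by_source(entries):
    """Number of entries per source IP."""
    return Counter(e["sourceip"] for e in entries if "sourceip" in e)
```

Calling `select(SAMPLE_LOG.splitlines(), month={"Nov"}, sourceport={"21", "23"})` mirrors `loggrep -s 21 -s 23 -m Nov` on the sample data.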

FILES

share/loggrep/loggrep.xml
share/loggrep/loggrep.dtd

AUTHOR

Snorre <snorre@users.sourceforge.net>