loggrep - README
Description
Loggrep searches kernel logfiles for ipchains or iptables packet log entries and
can filter them against given criteria (date, IP, port, ...).
It also features a quasi-detection of portscans, a line count
and HTML output.
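As an added illustration (not loggrep's own code or algorithm), the Python below parses iptables LOG lines, filters them by field, and flags a source that was logged against many distinct destination ports on one host. The prefix "FW-DROP: ", the function names and the `min_ports` threshold are assumptions made for this example.

```python
import re
from collections import defaultdict

# Constructed sample: syslog lines in the iptables LOG target format (shortened).
# "FW-DROP: " is an assumed prefix; the addresses are documentation ranges.
SAMPLE_LOG = """\
Mar  3 10:15:01 gw kernel: FW-DROP: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TTL=52 DF PROTO=TCP SPT=40001 DPT=21 SYN URGP=0
Mar  3 10:15:01 gw kernel: FW-DROP: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TTL=52 DF PROTO=TCP SPT=40002 DPT=22 SYN URGP=0
Mar  3 10:15:02 gw kernel: FW-DROP: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TTL=52 DF PROTO=TCP SPT=40003 DPT=23 SYN URGP=0
Mar  3 10:15:02 gw kernel: FW-DROP: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TTL=52 DF PROTO=TCP SPT=40004 DPT=25 SYN URGP=0
Mar  3 10:15:03 gw kernel: FW-DROP: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TTL=52 DF PROTO=TCP SPT=40005 DPT=80 SYN URGP=0
Mar  3 10:20:11 gw kernel: FW-DROP: IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.5 LEN=60 TTL=49 DF PROTO=TCP SPT=51514 DPT=22 SYN URGP=0
Mar  3 10:20:14 gw kernel: FW-DROP: IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.5 LEN=60 TTL=49 DF PROTO=TCP SPT=51514 DPT=22 SYN URGP=0
Mar  3 10:21:00 gw kernel: FW-ACCEPT: IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.5 LEN=60 TTL=49 DF PROTO=TCP SPT=51600 DPT=443 SYN URGP=0
Mar  3 10:22:30 gw kernel: eth0: link up
"""

# date, host, optional "[uptime] " stamp, rule prefix, then the KEY=value fields.
ENTRY = re.compile(r"^(?P<date>\w{3}\s+\d+ [\d:]{8}) (?P<host>\S+) kernel: "
                   r"(?:\[[^\]]*\] )?(?P<prefix>.*?)(?P<rest>IN=.*)$")
FIELD = re.compile(r"(\w+)=(\S*)")  # bare flags such as SYN or DF are skipped

def parse(line, prefix="FW-DROP: "):
    """Return the entry's fields as a dict, or None if it is not ours."""
    m = ENTRY.match(line)
    if not m or m["prefix"] != prefix:
        return None
    return {"date": m["date"], **dict(FIELD.findall(m["rest"]))}

def grep(lines, **want):
    """Yield entries whose fields equal every keyword given (SRC=, DPT=, ...)."""
    for line in lines:
        entry = parse(line)
        if entry and all(entry.get(k) == v for k, v in want.items()):
            yield entry

def scan_suspects(entries, min_ports=4):
    """Map (SRC, DST) to its ports when min_ports or more distinct DPTs were hit."""
    ports = defaultdict(set)
    for e in entries:
        if {"SRC", "DST", "DPT"} <= e.keys():  # ICMP entries carry no DPT
            ports[(e["SRC"], e["DST"])].add(e["DPT"])
    return {k: sorted(v, key=int) for k, v in ports.items() if len(v) >= min_ports}

if __name__ == "__main__":
    print(scan_suspects(grep(SAMPLE_LOG.splitlines())))
```

A repeated hit on a single port (203.0.113.7 above) is counted once, so retries alone do not trip the threshold.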
Installation
IPCHAINS:
./configure --with-ipchains
make
make install
IPTABLES:
./configure --with-iptables="YOUR PREFIX" (set this to the prefix you specified in iptables)
make
make install
XML:
./configure --with-xml
make
make install
Default:
ipchains is used
Logfiles
You can define logfiles with XML. The XML file will be installed in the share
directory. The file logfile.xml shows you a definition for iptables.
You can modify the XML file to adjust it to your requirements,
but you have to follow the DTD (logfile.dtd).