loggrep

NAME
SYNOPSIS
DESCRIPTION
GENERAL OPTIONS
IPCHAINS SPECIFIC OPTIONS
IPTABLES SPECIFIC OPTIONS
FILES
AUTHOR

NAME

loggrep - check log file on packet logs

SYNOPSIS

loggrep [-cfhxX] [search options] [ filename ]

DESCRIPTION

Loggrep greps packet log entries from the kernel log file. A logfile entry is identified with Packet Log (IPCHAINS) or the PREFIX (IPTABLES). The entries can be filtered by specifying search options. Example: loggrep -s 21 -s 23 -m Nov filters all entries from Nov and on port 21 or 23.

GENERAL OPTIONS

-h

Generate html output.

-x

Display the entries according to the appearance of the SrcIP. (quasi portscan mode).

-X

Display the count of entries according to the appearance of the SrcIP. (quasi portscan mode).

-c

Generate statistic. For every specified option the count of appearance in the logfile will be displayed.

-f

Follow mode. Reads from a file without stopping.

IPCHAINS SPECIFIC OPTIONS

The following options depend on the definition of your logfile. These are the standard options for IPCHAINS.

-m month

Search for entries with the given month

-y day

Search for entries with the given day

-p protocol

Search for entries with the given protocolnumber

-S sourceip

Search for entries with the given sourceip

-D destinationip

Search for entries with the given destinationip

-s sourceport

Search for entries with the given sourceport

-d destinationport

Search for entries with the given destinationport

-a action

Search for entries with the given action like REJECT, DENY

-n device

Search for entries with the given networkdevice

IPTABLES SPECIFIC OPTIONS

The following options depend on the definition of your logfile. These are the standard options for IPCHAINS.

-m month

Search for entries with the given month

-y day

Search for entries with the given day

-t time

Search for entries with the given time

-w log prefix

Search for entries with the given log prefix specified by iptables