ISC Feature of the Week: How to Submit Firewall Logs

Published: 2012-01-03. Last Updated: 2012-01-04 14:43:30 UTC
by Adam Swanger (Version: 1)
2 comment(s)

Each week, usually on Tuesday, we are going to highlight an ISC/DShield site feature so all our users become more aware of all the great functionality that is available!

This week's ISC/DShield feature is "How To Submit Your Firewall Logs To DShield", which can be found at https://www.dshield.org/howto.html

Much of the reporting on the ISC/DShield websites comes from data collected from users who submit their firewall logs. Many scripts and services already exist, so chances are high that all you need to get started is a quick download and a cron job on your firewall.

Here's how it's done:

1. Signup is recommended for maximum benefits but not required. See the link below for all the added features an account will give you.

www.dshield.org/howto.html#signup

2. Find an existing script to install and schedule with cron on your firewall.

www.dshield.org/howto.html#clients

3. If, by chance, you don't find an existing client, you can write your own.

www.dshield.org/specs.html

Using the data:

1. Access the data and feeds.

www.dshield.org/feeds_doc.html

2. Browse the data results.

www.dshield.org/reports.html

That's a quick link list to get you started. If you can't find the details you're looking for on the website, or have a question or comment, please drop us a note via the contact form at isc.sans.edu/contact.html

--
Adam Swanger, Web Developer (GWEB)
Internet Storm Center (http://isc.sans.edu)

Keywords: ISC feature

Comments

I'm using psad on my firewall; you can turn on DShield reporting to DShield: http://cipherdyne.org/psad

In psad.conf you can set
ENABLE_DSHIELD_ALERTS Y;
DSHIELD_ALERT_EMAIL reports@dshield.org;
DSHIELD_ALERT_INTERVAL 6;
DSHIELD_USER_ID 6;
DSHIELD_USER_EMAIL you@somedomain.com;
DSHIELD_DL_THRESHOLD 2;

Does anyone have a list of inexpensive home wireless routers that are compatible with the current DShield clients?
