Packet2sql will convert any text file/log file which contains ipchains packet logs into a stream of SQL inserts. The SQL can be saved into a file and used as a query to any SQL-92 compliant database. This can even be done on-the-fly from syslogd directly to the database. The database can be used as a base for a firewall-analyzing application, to identify attack signatures, to share security information easily with other sites, and to extract the domains of logged attackers for whois.
Operating Systems: POSIX Linux
Release Notes: This release has a fix for a field width problem on IP addresses that caused incorrect SQL to be generated.
Release Notes: A -y option was added to accept the year the packets were logged. An RPM spec file is now provided, bugs in parsing different log formats have been fixed, and there are minor performance improvements.
Release Notes: A utility to facilitate copying from syslogd to a database on the fly has been added. A defect which occasionally caused non-packet-log lines in a log file to show up as junk SQL has been removed.
Release Notes: A crash associated with empty lines was fixed. A fix was made for incorrect SQL that was generated when the day of the month was less than 10.
Release Notes: Entirely reimplemented in C++, takes standard input in addition to filenames listed on the command line, and is 170 times faster than v1.
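The conversion described above, together with the edge cases the release notes mention (empty lines, non-packet lines, single-digit days, a caller-supplied year), can be sketched as follows. This is an added example, not packet2sql's own code: the `packet_log` table, its column names, the function names and the sample log are assumptions, and the log layout follows the kernel format documented in the IPCHAINS-HOWTO.

```python
import re

# Syslog prefix plus the kernel's "Packet log:" body (layout per the IPCHAINS-HOWTO).
# \s+ after the month absorbs the extra space syslog pads in when the day is below 10.
PACKET_RE = re.compile(
    r"^(?P<mon>[A-Z][a-z]{2})\s+(?P<day>\d{1,2}) (?P<time>\d{2}:\d{2}:\d{2}) "
    r"(?P<host>[\w.-]+) kernel: Packet log: (?P<chain>[\w-]+) (?P<action>[A-Z-]+) "
    r"(?P<iface>[\w.:-]+) PROTO=(?P<proto>\d{1,3}) "
    r"(?P<src>\d{1,3}(?:\.\d{1,3}){3}):(?P<sport>\d{1,5}) "
    r"(?P<dst>\d{1,3}(?:\.\d{1,3}){3}):(?P<dport>\d{1,5}) L=(?P<len>\d{1,5}) ",
    re.ASCII)
MONTHS = {name: num for num, name in enumerate(
    "Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec".split(), start=1)}

def valid_ip(addr):
    return all(int(octet) <= 255 for octet in addr.split("."))

def to_insert(line, year):
    """Return one INSERT for an ipchains packet-log line, or None for any other line."""
    m = PACKET_RE.match(line)
    if not m or m["mon"] not in MONTHS or not 1 <= int(m["day"]) <= 31:
        return None
    if not (valid_ip(m["src"]) and valid_ip(m["dst"])):
        return None
    if int(m["sport"]) > 65535 or int(m["dport"]) > 65535:
        return None
    stamp = f"{year:04d}-{MONTHS[m['mon']]:02d}-{int(m['day']):02d} {m['time']}"
    # Every text field was restricted by the regex to characters that cannot close
    # a quoted SQL literal, so nothing from the log reaches the statement unchecked.
    text = [stamp, m["host"], m["chain"], m["action"], m["iface"], m["src"], m["dst"]]
    nums = [m["proto"], m["sport"], m["dport"], m["len"]]
    values = [f"'{v}'" for v in text] + [str(int(n)) for n in nums]
    return ("INSERT INTO packet_log (logged_at, host, chain, action, iface, src_ip, "
            "dst_ip, proto, src_port, dst_port, length) VALUES ("
            + ", ".join(values) + ");")

def convert(text, year):
    """Convert a whole log, dropping empty and non-packet lines instead of emitting junk."""
    return [sql for sql in (to_insert(ln, year) for ln in text.splitlines()) if sql]

# Constructed sample log (documentation addresses, made-up host name and year).
SAMPLE = """\
Jun  9 14:23:01 fw1 kernel: Packet log: input DENY eth0 PROTO=17 192.0.2.1:53 198.51.100.7:1025 L=34 S=0x00 I=18 F=0x0000 T=254 (#5)

Jun 19 03:02:11 fw1 sshd[411]: session opened for user admin
Jun 19 03:02:12 fw1 kernel: Packet log: input REJECT ppp0 PROTO=6 10.0.0.999:4000 198.51.100.7:23 L=44 S=0x00 I=7 F=0x0000 T=60 (#2)
Jun 19 03:02:13 fw1 kernel: Packet log: input REJECT ppp0 PROTO=6 203.0.113.9:4000 198.51.100.7:23 L=44 S=0x00 I=7 F=0x0000 T=60 (#2)
"""

if __name__ == "__main__":
    print("\n".join(convert(SAMPLE, 2001)))
```

Syslog lines carry no year, which is why the converter has to be told one; the `year` argument here plays the role the page gives to the `-y` option.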