FW1-Loggrabber is a simple LEA (Log Export API) client for Checkpoint Firewall-1. It was developed to access Firewall-1 Logfiles from commandline from any host in the network. Without an LEA client you can only access logs with graphical Checkpoint Tools or via commandline directly on the Firewall-1 machine. The primary goal was to automate reports of FW-1 logs with LIRE.
|Tags||Systems Administration Networking Firewalls|
|Operating Systems||Unix POSIX Solaris Linux Windows Windows Windows|
Release Notes: A bug in Checkpoints OPSEC SDK that caused a segmentation fault in fw1-loggrabber when switching log files on the management station made it necessary to relink the binaries. There are also minor bugfixes.
Release Notes: New features include separation of configuration files, support of authenticated connections to FW-1 4.1, automatic reconnect of LEA connections, configurable print-order of fields, support of multiple DBMSs using ODBC libraries (Oracle, MS SQL, MySQL, PostgreSQL, and DB2) which replaced experimental MySQL support, more filters, an installer script for Unix/Linux, and an installer package for Windows.
Release Notes: Changes include filter rules for audit logs, as well as general enhancement of filter rules including support for negation of filter arguments. fw1-loggrabber also supports additional output destinations, such as files or syslog. A complete rewrite of the documentation was done. The README file was replaced by a man page as well as HTML documentation. The opsec timeout was disabled and some minor bugs were fixed.
Release Notes: This new release contains some more log fields to be supported, as well as the possibility to use various authentication mechanisms and enhanced error handling.
Release Notes: This release features a user defined separator, configurable date format, filtering on date/time, a global configuration file, simple filters for audit logs, and experimental MySQL support.