Jun 19

Create communication matrix from CSV logexport

Various -
1 Star2 Stars3 Stars4 Stars5 Stars (4 votes, average: 5.00 out of 5)
Loading ... Loading ...
Add comments

Since I didn’t find a way using SMC (v4.3.6) to create a communication matrix that contains any unique host to host communication within a specified time range, I wrote a short python script which creates a communication matrix from exported Stonegate logs in CSV format.

The script is just a short hack. Thus it is not well designed.

You might want to check it out here

written by Bernd Bornkessel - 703 views

2 Responses to “Create communication matrix from CSV logexport”

  1. pakki Says:
    June 24th, 2009 at 12:50 pm

    Hi, sounds like a usefull tool.

    However, I tried this but I got results like “UDP 6394613″. My python skills is not sufficient that I could fix that. :-(

  2. Bernd Bornkessel Says:
    June 26th, 2009 at 5:09 pm

    Hi,

    please make sure that you filter out any log entries like IPSec Info, Authentication, Accounting before you export the logs.
    Filter for events like “New Connection”, “New Connection through VPN”, “Connection Discarded” or any combination of these.

    Of course we could do this job also in the script. But as the export file would grow including all logentries, the script performance and memory consumption would increase radically.

    Perhaps you should also have a look to the fields of the exported csv File. The line
    resultFields = (7, 8, 9, 12, 14, 15)
    describes which fields of the export file are taken over to the result file. Remember to start counting from 0. The first field is “Src Addr”, second “Dst Addr”, third “Service”, fourth “Dst Port”. The last two ones are optional. In this case source NAT and destination NAT.

    Regards,
    Bernd

Leave a Reply

You must be logged in to post a comment.