Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Converting syslog entries to access-list entries

Hi All,

I'm working on a firewall audit where we are trying to tighten access from the LAN out to the Internet.

We have an access-list entry that logs the traffic going outbound and this is being sent to our Kiwi syslog server.

I'm looking for a way to take all of these syslog entries and convert them to access-list entries so they can be added to the firewall config.

I found the following 2 links below that show perl scripts that can do this but they're not working so well for me. I'm trying to run them on a Windows machine and I'm far from a Perl expert.

Has anyone else out there had a similar task and can you help shed some light on how you accomplished this?


CreatePlease to create content