Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Converting syslog entries to access-list entries

Hi All,

I'm working on a firewall audit where we are trying to tighten access from the LAN out to the Internet.

We have an access-list entry that logs the traffic going outbound and this is being sent to our Kiwi syslog server.

I'm looking for a way to take all of these syslog entries and convert them to access-list entries so they can be added to the firewall config.

I found the following 2 links below that show perl scripts that can do this but they're not working so well for me. I'm trying to run them on a Windows machine and I'm far from a Perl expert.

http://sourceforge.net/projects/wooterwoot/files/wooterwoot/

http://www.oreillynet.com/pub/a/network/excerpt/CISCO_Chap1/?page=2

Has anyone else out there had a similar task and can you help shed some light on how you accomplished this?

Thanks!

181
Views
0
Helpful
0
Replies
CreatePlease to create content