Hello,
I have 23 days of firewall logfiles here.
Is there a tool which gives me reports, or a search function for which website is surfed on which hour and day?
Thanks a lot.
cu
papa
Have you looked at WireShark?
https://
In Windows
type logfile.txt | find "stuff i want to find" | more
In Linux
cat logfile.txt | grep "stuff i want to find" | more
For more info, type find /?
or grep -h
You can have multiple filter layers like
type logfile.txt | find "something" | find "something else in that search" | find "even more filtering after that" | more
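An added example, not part of any post in this thread: the layered filter above extended into the per-day, per-hour report the original question asks for. The log layout (date, time, action, `src=`, `host=`) and the function names are assumptions, since the thread never says which firewall produced the files.

```shell
#!/bin/sh
# Constructed sample log. The field layout is an assumption; adjust the
# field positions below to match what your firewall actually writes.
make_sample_log() {
    cat <<'EOF'
2024-03-01 09:15:02 ALLOW src=10.0.0.5 host=www.example.com
2024-03-01 09:47:31 ALLOW src=10.0.0.7 host=www.example.com
2024-03-01 10:02:10 ALLOW src=10.0.0.5 host=mail.example.org
2024-03-01 10:05:44 DENY src=10.0.0.9 host=www.example.com
2024-03-02 09:01:00 ALLOW src=10.0.0.5 host=www.example.com
EOF
}

# Layered filter, as in the post: keep allowed lines that mention one site.
# -F treats the pattern as a literal string, so dots are not regex wildcards.
# This is a substring match: "example.com" also matches "example.com.au".
site_hits() {  # usage: site_hits LOGFILE SITE
    grep -F ' ALLOW ' "$1" | grep -F "host=$2"
}

# Report: allowed hits per day and hour for every site,
# one "day hour host count" row each, sorted chronologically.
surf_report() {  # usage: surf_report LOGFILE
    grep -F ' ALLOW ' "$1" | awk '
        {
            host = ""
            for (i = 1; i <= NF; i++)
                if ($i ~ /^host=/) host = substr($i, 6)
            if (host == "") next          # skip lines without a host field
            hour = substr($2, 1, 2)       # HH from HH:MM:SS
            count[$1 " " hour " " host]++
        }
        END { for (k in count) print k, count[k] }
    ' | sort
}
```

To try it, write the sample with `make_sample_log > fw.log`, then run `surf_report fw.log` or `site_hits fw.log www.example.com`.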
Have you looked at WireShark?
https://www.wireshark.org/
Wireshark does not help with logfiles and has no reporting capabilities like the OP asked for.
Try Splunk… buy a small license so you can use it in a production capacity.
Also, this is too easy… )
What sort of firewall is it?
Elasticsearch/Logstash/Kibana is growing in popularity for examining this sort of thing. It's free.
There is a pre-configured VM available via the FOR572 (it's used on the SANS FOR572 course)
+1 for Splunk. https://
Toss them in a directory, point Splunk at them, search away…