Well, I've got two routers reporting that have very different structures. I am interested in src, dst, port, protocol, drop or allow, and timestamp.
Mar 11 22:44:56 10.50.25.1 Mar 11 21:44:56 rv180w KERNEL [Kernel] [638811.520000] LOG_PACKET[DROP]IN=eth1 OUT= DST MAC=78:da:6e:e6:3b:7d SRC MAC=78:cd:8e:4b:1f:a2 PAYLOAD TYPE=08:00 SRC=97.92.215.221 DST=24.182.130.162 LEN=40 TOS=0x00 PREC=0x00 TTL=118 ID=639 DF PROTO=TCP SPT=49489 DPT=8000 WINDOW=0 RES=0x00 ACK URGP=0
Mar 11 19:24:03 24.182.134.18 Mar 11 18:27:09 10.50.22.1 [Access Log ] Deny TCP Packet - 10.50.22.3:46440 --> 10.50.25.4:25
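One way to normalise both formats into the fields listed above, as an added example that is not part of the original post. The function name `parse_line`, the output key names, the choice of the second (device-side) time as `timestamp`, and the allow-side action spellings are assumptions.

```python
import re

# Sample input: the two log lines quoted in the post above.
SAMPLES = [
    "Mar 11 22:44:56 10.50.25.1 Mar 11 21:44:56 rv180w KERNEL [Kernel] [638811.520000] LOG_PACKET[DROP]IN=eth1 OUT= DST MAC=78:da:6e:e6:3b:7d SRC MAC=78:cd:8e:4b:1f:a2 PAYLOAD TYPE=08:00 SRC=97.92.215.221 DST=24.182.130.162 LEN=40 TOS=0x00 PREC=0x00 TTL=118 ID=639 DF PROTO=TCP SPT=49489 DPT=8000 WINDOW=0 RES=0x00 ACK URGP=0",
    "Mar 11 19:24:03 24.182.134.18 Mar 11 18:27:09 10.50.22.1 [Access Log ] Deny TCP Packet - 10.50.22.3:46440 --> 10.50.25.4:25",
]

TS = r"[A-Z][a-z]{2}\s+\d{1,2}\s\d{2}:\d{2}:\d{2}"
# Both lines start: <receiver time> <sender> <device time> <device name>.
# Neither time carries a year, so both are kept as raw strings.
HEADER = re.compile(rf"^(?P<received>{TS})\s\S+\s(?P<timestamp>{TS})\s(?P<device>\S+)\s")
# Format 1: key=value pairs after LOG_PACKET[ACTION]. Requiring "=" directly
# after the key skips the "DST MAC=" / "SRC MAC=" fields.
KERNEL_ACTION = re.compile(r"LOG_PACKET\[(\w+)\]")
KERNEL_FIELD = re.compile(r"\b(SRC|DST|PROTO|SPT|DPT)=(\S+)")
# Format 2: "[Access Log ] <action> <proto> Packet - src:port --> dst:port"
ACCESS = re.compile(
    r"\[Access Log\s*\]\s+(?P<action>\w+)\s+(?P<protocol>\w+)\s+Packet\s+-\s+"
    r"(?P<src>[\d.]+):(?P<sport>\d+)\s+-->\s+(?P<dst>[\d.]+):(?P<dport>\d+)")
# DROP and Deny appear in the post; the allow-side spellings are assumptions.
ACTIONS = {"drop": "drop", "deny": "drop", "accept": "allow", "allow": "allow"}

def parse_line(line):
    """Return a dict of normalised fields, or None if the line is unrecognised."""
    head = HEADER.match(line)
    if not head:
        return None
    event = head.groupdict()
    rest = line[head.end():]
    kernel = KERNEL_ACTION.search(rest)
    access = ACCESS.search(rest)
    if kernel:
        kv = dict(KERNEL_FIELD.findall(rest))
        if not {"SRC", "DST", "PROTO"} <= kv.keys():
            return None
        # SPT/DPT are absent for portless protocols such as ICMP.
        event.update(action=kernel.group(1), src=kv["SRC"], dst=kv["DST"],
                     protocol=kv["PROTO"], sport=kv.get("SPT"), dport=kv.get("DPT"))
    elif access:
        event.update(access.groupdict())
    else:
        return None
    action = event["action"].lower()
    event["action"] = ACTIONS.get(action, action)  # unknown verbs pass through
    for key in ("sport", "dport"):
        event[key] = int(event[key]) if event[key] else None
    return event
```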