FWLOGSUM REPORT

Dropped and Rejected Entries
Inbound Traffic
Sorted by count

Report generated on: Sun Apr 21 22:12:06 2013
Period for report data: 20 Oct 2001 at 17:21:03 to 26 Nov 2001 at 9:02:26
Period for matched data: 17 Nov 2001 at 14:10:43 to 26 Nov 2001 at 9:01:59

TypeCount
Total entries processed 18995
Entries matched on 310
Inbound traffic 18952
Outbound traffic 8
Control Messages 35
Entries Ignored 8
Alert Entries 2
Attack Types 0
Unique Attack URLs 0
Encrypted/Decrypted Entries 4
Unknown Entries 0

Colour Coding

Alert Entries

Crypt/Decrypt Entries

Highlighted Entries

View Report Summary

Source Address Destination Address Service Count Rule
corelinkmain01.foo.comapollo.foo.comtcp(TACACSplus)444
webfoogen1.foo.comdevel.lab.foo.comtcp(38567)424
webfoogen1.foo.comdevel.lab.foo.comtcp(38530)414
webfoogen1.foo.comzeus.lab.foo.comtcp(1573)334
dhcp-100-101-162-201.dhcp.foo.comwebwebmain01.foo.comtcp(sunrpc)304
fwrtrmain01.foo.comns4.foo.comudp(ntp-udp)154
dhcp-100-101-162-201.dhcp.foo.comwebwebmain01.foo.comtcp(nbsession)134
webfoogen1.foo.comdevel.lab.foo.comtcp(35338)94
fwmain01.foo.comdhcp-100-101-167-223.dhcp.foo.comtcp(1167)84
webfoogen1.foo.comdevel.lab.foo.comtcp(54924)74
fwrtrmain01.foo.comapollo.foo.comtcp(TACACSplus)64
fwrtrmain01.foo.comns4.foo.comudp(ntp-udp)53
mlink.foo.co.ukns4.foo.comudp(ntp-udp)43
gwt.lab.foo.comfwfoomain01.foo.comtcp(telnet)43
test.lab.foo.comfwfoomain01.foo.comtcp(smtp)43
fwrtrmain01.foo.comns4.foo.comudp(ntp-udp)33
dhcp-100-101-167-233.dhcp.foo.comfwmain01.foo.comudp(177)24
mlink.foo.co.ukns4.foo.comudp(ntp-udp)23
mlink.foo.co.ukns4.foo.comudp(ntp-udp)23
test.lab.foo.comfwfoomain01.foo.comtcp(smtp)23
fwrtrmain01.foo.comns4.foo.comudp(ntp-udp)23
devel.lab.foo.comwebfoogen1.foo.comtcp(login)24
test.lab.foo.comfwfoomain01-2tcp(smtp)23
mlink.foo.co.ukns4.foo.netudp(ntp-udp)23
ns1.foo.com192.1.1.16tcp(smtp)14
dhcp-100-101-167-233.dhcp.foo.comfwfoomain01.foo.comtcp(telnet)13
dhcp-100-101-167-223.dhcp.foo.comfwmain01.foo.comtcp(FW1_mgmt)14
fwmain01.foo.comrtnw.foo.comtcp(telnet)14
mlink.foo.co.ukns4.foo.comudp(ntp-udp)13
gwt.lab.foo.comcorelinkmain01.foo.comtcp(45)13
fwrtrmain01.foo.com192.1.1.13tcp(telnet)14
fwrtrmain01.foo.comrtnw.foo.comtcp(telnet)14
dhcp-100-101-167-233.dhcp.foo.comfwfoomain01-2udp(nbname)14
gwt.lab.foo.comfwfoomain01.foo.comtcp(shell)13
test.lab.foo.comfwfoomain01.foo.comtcp(tcpmux)13
test.lab.foo.comfwfoomain01-2tcp(tcpmux)13
192.1.28.252webfoogen1.foo.comtcp(login)14
webfoogen1.foo.comapollo.foo.comtcp(telnet)14
gwt.lab.foo.comfwfoomain01.foo.comtcp(telnet)13
ns1.foo.com192.1.1.23tcp(smtp)14
dhcp-100-101-167-233.dhcp.foo.comfwfoomain01.foo.comtcp(telnet)13
dhcp-100-101-167-233.dhcp.foo.com.aufwfoomain01.foo.com.autcp(telnet)13
gwt.lab.foo.comfwfoomain01.foo.comudp(33442)13
fwrtrmain01.foo.comns4.foo.netudp(ntp-udp)13
webfoogen1.foo.comapollo.foo.comtcp(login)14
corelinkmain01.foo.com192.1.1.13tcp(telnet)14
corelinkmain01.foo.comrtnw.foo.comtcp(telnet)14
gwt.lab.foo.comfwfoomain01.foo.comudp(33443)13
gwt.lab.foo.comfwfoomain01.foo.comudp(33441)13
ns1.foo.com255.255.255.255tcp(smtp)14

Summary Information

[No canvas support]

 

[No canvas support]

 

[No canvas support]

 

[No canvas support]

 

[No canvas support]

 

[No canvas support]

 

[No canvas support]

 

[No canvas support]

 

Top of Report

fwlogsum Version: 5.1.0

Charts generated using RGraph

Generated: Sun Apr 21 22:12:06 2013