Just been browsing around and found this. Thought i can share it here (i see no mention about it at AO). What do you guys/girls use to analyze logs from your firewalls? Try this open source tool!

fwlogwatch (http://cert.uni-stuttgart.de/projects/fwlogwatch/) is a packet filter/firewall/IDS log analyzer written by Boris Wesslowski. It can analyze log entries for Linux ipchains, Linux netfilter/iptables, Solaris/BSD/Irix/HP-UX ipfilter, Cisco IOS, Cisco PIX, NetScreen Windows XP firewall, Elsa Lancom router and Snort IDS. It does reverse DNS lookups and lookups in the whois database. It can generate plain text and HTML (with CSS) summary with many sort options. It runs on Linux, Solaris, FreeBSD, OpenBSD and Win 95/98/ME/NT/2000/XP. Great isn't it?

Peace always,