From: Korolev Sergey
Subject: Re: Analyzing Log files of very large size
Date: Sun, 11 Jul 2021 22:31:57 +1000
To: KK CHN
Cc: freebsd-questions

Is it a plain text file?

> On 11 Jul 2021, at 22:13, KK CHN wrote:
>
> List,
>
> I am in a requirement to analyze large log files of sonic wall firewall
> around 50 GB. for a suspect attack.
>
> What tools and solutions need to be deployed for handling this much large
> files and pls enlighten me with your expertise and reference materials if
> any.
>
> All are tcp / ip communications, DNS UDP transports ..
>
> Regards,
> Kris