Lire can generate reports for a variety of dns, email, print, proxy, database, ftp and web servers as well as some firewalls. You can find the definitive list of supported log formats by running the command lr_log2report --help dlf-converters.
Lire can generate reports from the log files of database servers:
MySQL™. http://www.mysql.org/
For these applications, you will get reports about the number of queries, the top users, the most used databases and more.
Lire can generate reports from the log files of Linux kernel 2.4.x isdnlog log files:
Linux kernel 2.4.x isdnlog http://www.isdn4linux.de/
Lire can generate reports from the query log files of two DNS servers:
For these applications, you will get reports about the number of DNS requests by hour, the top DNS clients, the most requested names and more.
Lire can generated reports from DNS server logs about DNS Zone transfers: AXFR's and the loading of zones, as logged by e.g BIND 8's named log.
Six email servers are supported by Lire:
ArGoSoft Mail Server™. http://www.argosoft.com/applications/mailserver/
Exim™. http://www.exim.org/
Postfix™. http://www.postfix.org/
Netscape Messaging Server™.
Qmail™. http://www.qmail.org/
Sendmail™. http://www.sendmail.org/
The email servers' reports will show you the number of deliveries and the volume of email delivered by day, the domains from which you receive or send the most emails, the relays most used, etc.
Several packet filtering firewalls are supported by Lire:
Log files from Cisco IOS http://www.cisco.com/univercd/cc/td/doc/product/software/ .
IPfilter log files http://coombs.anu.edu.au/~avalon/ip-filter.html .
Linux 2.2.X ipchains log files. http://netfilter.samba.org/ipchains/.
Linux 2.4.X iptables log files. http://netfilter.samba.org/.
All log files using the WebTrends Enhanced Log Format. This makes Lire support a potentially large number of firewall products. Consult http://www.webtrends.com/partners/firewall.htm for a list. Note that we didn't test Lire with all of those products. We appreciate all feedback regarding how Lire behaves with those products.
The reports generated will include informations about the IP address with the largest volume of data denied, the denied TCP ports, etc.
Lire can generate reports for FTP servers that use the xferlog log format. Some of the FTP servers known to support that log format:
BSD ftpd. (As found on OpenBSD™, FreeBSD™ and most UNIXes).
ProFTPD™. http://www.proftpd.org/
Wu-Ftpd™. http://www.wu-ftpd.org/
It also supports log files from Microsoft Internet Information Server™, which uses a variant of the W3C Extended Log Format.
The ftp superservice reports will include information such as the clients with the most transfers, the most requested files, the most active users, the amount of bytes transferred by day, etc.
Lire can generate reports from log files from two message stores:
Netscape Messaging Server™.
Netscape Messaging Server Mail Multi Plexor™
Lire can generate reports for two print servers:
CUPS™ http://www.cups.org/
LPRng™ http://www.lprng.com/
The reports generated will include information about the usage of the printers, statistics on the jobs and users.
Lire supports three types of log files for proxy servers:
Squid™. http://www.squid-cache.org/
Microsoft Internet Security and Acceleration Server™. http://www.microsoft.com/isaserver/
All log files using the WebTrends Enhanced Log Format. This makes Lire support a potentially large number of proxy products. Consult http://www.webtrends.com/partners/firewall.htm for a list. Note that we didn't test Lire with all of those products. We appreciate all feedback regarding how Lire behaves with those products.
Lire can generate overview reports about your syslog log files. It supports more than 8 different syslog log file formats.
Lire supports the three most common log formats for web servers: common log format (CLF), combined log format and the W3C extended log format. Most web servers are able to log in one of those formats. It has been verified that Lire is able to generate reports for the following web servers:
Apache™. http://httpd.apache.org/
Boa™. http://www.boa.org/
Microsoft Internet Information Server™ (3.X, 4.X, 5.X).
iPlanet Web Server™.http://www.iplanet.com/
Reports for the www superservice will include information like the number of requests by day, requests by browser, attack detection, top referers, etc. It is Lire's most complete report.