You can use the report utility function to assist you in generating reports from the log and archive files. The purpose of report utilities is to generate tabulated files of administrative information. Tabulated means files are organized and formatted for easy mapping to relational database tables. These tables assist the firewall administrator to analyze:
Using the utilities and the firewall log, the administrator can create a regular text file of the messages. Additionally, tabulated files can be generated and imported into tables in a relational database system, such as DB2/6000. The administrator can then use the Structured Query Language (SQL), or other tools like IBM's Visualizer or Query Management Facility to query the data and generate reports.
AIX su logs, generated by the su (switch user) command, can be imported into the database in a similar fashion.
Report Utilities are installed as part of firewall install. They can also be separately installed and run on a non-firewall AIX host. The configuration client can be used to run them on a firewall. On a non-firewall, you will use SMIT or command line.
For report utilities to function properly, it is important that only local4 messages appear in their input files. No other facility should be directed to the same file as local4, so set syslog accordingly.
(Do not try to use report utilities on any log files from previous firewall releases.)
![]() |
Report Utilities (User's Guide) |
![]() |
Using Report Utilities (Reference) |
Regular Expression What it Does ICA0 shows log monitor threshold alert messages ICA3 shows Socks messages (#ICA3000 - 3999) ICA[23] shows proxy and Socks messages ICA2010 only shows occurences of the ICA2010 message