fwlogwatch is a packet filter and firewall log analyzer.

General features:
- Can detect and process log entries in the following formats:
  - Linux ipchains, Linux netfilter/iptables, Solaris/BSD/Irix/HP-UX ipfilter,
    Cisco IOS and Cisco PIX.
- Entries can be parsed in combined log files; the parsers to be used can be
  selected.
- Gzip-compressed logs are supported.
- Can separate recent from old entries and detect timewarps in log files.
- Can recognize 'last message repeated' entries concerning the firewall.
- Integrated resolver for protocols, services and host names.
- Can do lookups in the whois database.
- Own DNS and whois information cache for faster lookups.
- Ports and hosts can be selected or excluded as needed.
- Support for internationalization (available in English, German, Portuguese
  and Chinese).

WWW: http://cert.uni-stuttgart.de/projects/fwlogwatch/