A fast and user-friendly Python GUI tool to analyze firewall logs, filter them by IPs and date range, and generate a single, structured CSV output — ideal for cybersecurity analysts and network engineers.

• 🔍 Multi-core Log Scanning using Python's multiprocessing
• 📆 Date-based Filtering (Start & End)
• 📄 Single CSV Output with selected fields
• 🧠 Regex-based Parsing for deep log field extraction
• 📋 Custom IP List Support
• 🖥️ User-friendly GUI built with tkinter
• 🚀 Super Fast even with thousands of .gz log files

/mnt/Firewall-Logs/Firewall-Logs/Firewall/
├── log.07.04.25.gz
├── log.08.04.25.gz
└── log.09.04.25.gz

• Python 3.8 or higher

pip install tqdm

python firewall_log_parser.py

Then use the GUI to:

1. 📁 Select your ips.txt file
2. 📅 Choose a start and end date (format: YYYY-MM-DD)
3. 🗂 Select the output directory
4. ✅ Click Start Parsing

➡️ The output will be saved as a single .csv file in your chosen directory.

192.168.1.10
172.16.20.5
10.0.0.2

• date, time, log_type, status, fw_rule_id, fw_rule_name
• src_ip, dst_ip, protocol, dst_country_code
• src_port, dst_port, tran_src_ip

⚠️ Note: MAC address field has been excluded for privacy and relevance.

FirewallLogParser/
├── firewall_log_parser.py         # Main script with GUI and parser logic
├── ips.txt                        # List of IPs to filter
├── README.md                      # Project documentation
├── gui-preview.png                # Optional: GUI screenshot
└── requirements.txt               # (Optional) Dependency list

This project is licensed under the MIT License.

Kiran Kumar K
💼 LinkedIn
📁 GitHub

If you find this project helpful, please leave a ⭐️ — it helps others discover it too!