"Security is a journey, not a destination. One good step along the way is to review and analyze your firewall logs and syslog messages on a regular basis. Unfortunately, the plain text logs produced by syslog are not in a form that is easily analyzed. Also, unless you are using syslog-ng, your firewall logs are probably scattered all over the various system message log files.
"This article will show you how to move your firewall logs from syslog text files to a MySQL database in 10 minutes or so. The following examples were carried out on a SuSE 10.0 system but you can easily adapt them for other distributions..."