Security Basics mailing list archives

RE: syslog GUI for Linux

From: "Mathew Davies" <mathew.davies () ipt-ltd co uk>
Date: Wed, 21 Apr 2004 12:56:07 +0100

I am currently using syslog-ng with mysql for logging and
php-syslog-ng for a frontend see http://www.vermeer.org/projects/php-syslog-ng/
there is a demo site and instructions on the syslog-ng setup at
http://www.vermeer.org/syslog it's working very well 

it shouldn't be hard to modify to php to allow it to write it 
to query/search the database at the minute you can search on
date, system & error level.

-mat

-----Original Message-----
From: Jim Conner [mailto:jconner () lrn com]
Sent: 20 April 2004 16:27
To: 'aruna'; Omar Khawaja; security-basics () securityfocus com
Subject: RE: syslog GUI for Linux

Well, I am going to be writing one soon.  I am building a 
central syslog
system for my company and am developing the entire deal...

Here is what I have done so far:

* The central server is an HP DL-360 G3 2.4Gigahertz 
2.5Gigabyte machine
with a mirrored 72Gig hdd.
* The syslog daemon I am using is passlogd listening to eth1 which is
IP-less in PROMISC mode.
* I wrote a perl program (almost complete) that monitors the 
syslog file and
loads events into a MySQL database separating firewall 
entries to a separate
set of tables (currently supports PIX and iptables) from the 
system messages
tables.  The tables are nothing big.  Primarily, I set the 
tablespace up so
that duplicate entries don't get stored.
* I intend to write a PHP front end to perform queries 
against the database
for the syslog events.

I currently have a project on sourceforge that I was given explicit
permission from my employer to GPL.  I intend to ask for the 
same in this
project but I can't guarantee anything.  If they don't allow 
me to GPL the
project then I intend to re-write it for home use which I will GPL.

Now, I haven't really answered your question in a decent 
manner yet.  No, I
don't currently have an idea of a good solution to your 
delimma.  I couldn't
find one which is why I am writing my own.  However, if you 
or anyone else
has a better solution then I would love to hear it.  Why re-invent the
wheel? :)

- Jim

------------------------------------
Jim Conner   | Systems Administrator
310.209.5487 | http://www.lrn.com
LRN -- The Legal Knowledge Network

-----Original Message-----
From: aruna [mailto:arunah () slt lk]
Sent: Friday, April 16, 2004 10:01 PM
To: Omar Khawaja; security-basics () securityfocus com
Subject: Re: syslog GUI for Linux

Hello everybody,

May i also know if there is any avilability of a syslog message filter
via a web interface running on a Linux box.

Thanks for any help.

Regards

aruna
----- Original Message -----
From: "Omar Khawaja" <omarkhawaja () yahoo com>
To: <security-basics () securityfocus com>
Sent: Thursday, April 08, 2004 9:29 AM
Subject: syslog GUI for Linux

I am looking for a script / application that will allow me

to display and

intelligently filter (based on time, source, etc.) syslog

messages, via a

web interface.

Through a preliminary search, I have come across a few

applications, but

none have been updated for the past few years and therefore

don't work too

well with the newer versions of PHP, mySQL, etc.

Any recommendations would be deemed helpful. Thanks.

___
Omar Khawaja

--------------------------------------------------------------
------------
-

Ethical Hacking at the InfoSec Institute. Mention this ad

and get $545 off

any course! All of our class sizes are guaranteed to be 10

students or
less

to facilitate one-on-one interaction with one of our expert

instructors.

Attend a course taught by an expert instructor with years

of in-the-field

pen testing experience in our state of the art hacking lab.

Master the
skills

of an Ethical Hacker to better assess the security of your

organization.

Visit us at:

http://www.infosecinstitute.com/courses/ethical_hacking_training.html

--------------------------------------------------------------
------------
--



--------------------------------------------------------------
-------------
Ethical Hacking at the InfoSec Institute. Mention this ad and 
get $545 off 
any course! All of our class sizes are guaranteed to be 10 
students or less 
to facilitate one-on-one interaction with one of our expert 
instructors. 
Attend a course taught by an expert instructor with years of 
in-the-field 
pen testing experience in our state of the art hacking lab. Master the
skills 
of an Ethical Hacker to better assess the security of your 
organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
--------------------------------------------------------------
--------------

--------------------------------------------------------------
-------------
Ethical Hacking at the InfoSec Institute. Mention this ad and 
get $545 off 
any course! All of our class sizes are guaranteed to be 10 
students or less 
to facilitate one-on-one interaction with one of our expert 
instructors. 
Attend a course taught by an expert instructor with years of 
in-the-field 
pen testing experience in our state of the art hacking lab. 
Master the skills 
of an Ethical Hacker to better assess the security of your 
organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
--------------------------------------------------------------
--------------


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------

Current thread:

Re: syslog GUI for Linux, (continued)
- Re: syslog GUI for Linux aruna (Apr 19)
  - Re: syslog GUI for Linux Daniel Cid (Apr 21)
    - Filtering SPAM with Linux ivan.hernandez (Apr 27)
    - Re: Filtering SPAM with Linux Rajeev Kumar (Apr 27)
    - RE: Filtering SPAM with Linux Sanjay K. Patel (Apr 27)
    - Re: Filtering SPAM with Linux Gene Cronk (Apr 27)
    - Message not available
    - Re: Filtering SPAM with Linux Ivan Hernandez (Apr 28)
    - Re: Filtering SPAM with Linux Waldo Gomez R. (Apr 28)
    - Re: Filtering SPAM with Linux Brandon Niemczyk (Apr 30)
- RE: syslog GUI for Linux Jim Conner (Apr 20)
- RE: syslog GUI for Linux Mathew Davies (Apr 24)