Security Basics mailing list archives

Re: Open source log analyzer (from: steven () aznc com)


From: Steven Hollingsworth <steven () aznc com>
Date: Wed, 9 May 2007 01:38:57 -0700

On Wed, May 09, 2007 at 01:02:01AM +0200, sami seclist wrote:
> Hi list,
> I'm looking for an open source log collection

You could use a central syslog server [0] using syslog-ng [1], the link may
be for gentoo, but it works, just replace package management and conf
file locations.


> and analysis solution
> for a netCache appliance. It would be based on syslog for collecting
> events, but I would like your advice for an open source log analyser.
> A search on tools section of securityfocus.com came with about 40 results.
> Any advice or experience sharing with these tools would be welcome.
> Thanks, sami.

Personally I use SEC to react to log events on my machines, which is
mentioned in link [1]. Also this site [2] has a lot of resources concerning
log stuff as well.

HTH,

~ stevo


[0] - http://gentoo-wiki.com/HOWTO_setup_PHP-Syslog-NG
[1] - http://www.campin.net/newlogcheck.html
[2] - http://www.loganalysis.org/
