Security Basics mailing list archives

RE: syslog GUI for Linux


From: Jim Conner <jconner () lrn com>
Date: Tue, 20 Apr 2004 08:27:27 -0700

Well, I am going to be writing one soon.  I am building a central syslog
system for my company and am developing the entire deal...

Here is what I have done so far:

* The central server is an HP DL-360 G3 2.4Gigahertz 2.5Gigabyte machine
with a mirrored 72Gig hdd.
* The syslog daemon I am using is passlogd listening to eth1 which is
IP-less in PROMISC mode.
* I wrote a perl program (almost complete) that monitors the syslog file and
loads events into a MySQL database separating firewall entries to a separate
set of tables (currently supports PIX and iptables) from the system messages
tables.  The tables are nothing big.  Primarily, I set the tablespace up so
that duplicate entries don't get stored.
* I intend to write a PHP front end to perform queries against the database
for the syslog events.

I currently have a project on sourceforge that I was given explicit
permission from my employer to GPL.  I intend to ask for the same in this
project but I can't guarantee anything.  If they don't allow me to GPL the
project then I intend to re-write it for home use which I will GPL.

Now, I haven't really answered your question in a decent manner yet.  No, I
don't currently have an idea of a good solution to your dilemma.  I couldn't
find one which is why I am writing my own.  However, if you or anyone else
has a better solution then I would love to hear it.  Why re-invent the
wheel? :)

- Jim

------------------------------------
Jim Conner   | Systems Administrator
310.209.5487 | http://www.lrn.com
LRN -- The Legal Knowledge Network


-----Original Message-----
From: aruna [mailto:arunah () slt lk]
Sent: Friday, April 16, 2004 10:01 PM
To: Omar Khawaja; security-basics () securityfocus com
Subject: Re: syslog GUI for Linux


Hello everybody,

May I also know if there is any availability of a syslog message filter
via a web interface running on a Linux box.

Thanks for any help.

Regards

aruna
----- Original Message -----
From: "Omar Khawaja" <omarkhawaja () yahoo com>
To: <security-basics () securityfocus com>
Sent: Thursday, April 08, 2004 9:29 AM
Subject: syslog GUI for Linux


I am looking for a script / application that will allow me to display and
intelligently filter (based on time, source, etc.) syslog messages, via a
web interface.

Through a preliminary search, I have come across a few applications, but
none have been updated for the past few years and therefore don't work too
well with the newer versions of PHP, mySQL, etc.

Any recommendations would be deemed helpful. Thanks.

___
Omar Khawaja
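
Added example, not part of the thread and not Jim Conner's Perl program: a sketch of the loader design his reply describes, with firewall lines (PIX, iptables) split from system messages and duplicates rejected by the database. Assumptions: Python's sqlite3 stands in for MySQL (where the statement would be INSERT IGNORE), the table and column names are hypothetical, and the duplicate rule is read here as a UNIQUE key.

```python
import re
import sqlite3

# BSD-syslog file line: "Mon DD HH:MM:SS host message"
LINE_RE = re.compile(r"^(\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (\S+) (.*)$")
PIX_RE = re.compile(r"%PIX-\d-\d+: ")                         # Cisco PIX message tag
IPT_RE = re.compile(r"\bIN=\S* OUT=\S* .*\bSRC=\S+ DST=\S+")  # netfilter LOG fields
# Assumption: hypothetical schema; the UNIQUE key makes the database drop duplicates.
SCHEMA = "".join(
    f"CREATE TABLE {t} (ts TEXT, host TEXT, kind TEXT, msg TEXT, UNIQUE (ts, host, msg));"
    for t in ("firewall_events", "system_events"))

def classify(msg):  # -> (table, kind) for a message body
    if PIX_RE.search(msg):
        return "firewall_events", "pix"
    if IPT_RE.search(msg):
        return "firewall_events", "iptables"
    return "system_events", "system"

def load(conn, lines):  # -> counts of stored, duplicate and unparsed lines
    stats = {"firewall_events": 0, "system_events": 0, "duplicate": 0, "unparsed": 0}
    for line in lines:
        m = LINE_RE.match(line.rstrip("\n"))
        if not m:
            stats["unparsed"] += 1
            continue
        ts, host, msg = m.groups()
        table, kind = classify(msg)  # table name comes only from the constants above
        # Log text is written by remote hosts, so values are bound, never interpolated.
        cur = conn.execute(f"INSERT OR IGNORE INTO {table} VALUES (?, ?, ?, ?)",
                           (ts, host, kind, msg))
        stats[table if cur.rowcount else "duplicate"] += 1
    conn.commit()
    return stats

SSH = "Apr 20 08:27:29 web1 sshd[412]: Failed password for root from 192.0.2.10 port 4321 ssh2"
SAMPLE = [  # constructed lines, documentation addresses only
    "Apr 20 08:27:27 fw1 %PIX-4-106023: Deny tcp src outside:192.0.2.10/4321 "
    'dst inside:198.51.100.5/22 by access-group "outside_in"',
    "Apr 20 08:27:28 gw1 kernel: DROP IN=eth0 OUT= SRC=192.0.2.10 "
    "DST=198.51.100.5 LEN=60 PROTO=TCP SPT=4321 DPT=22",
    SSH, SSH, "-- MARK --"]  # repeated line is a duplicate; last line is unparseable

def demo():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return load(conn, SAMPLE)

if __name__ == "__main__":
    print(demo())
```

Counting duplicate and unparsed lines separately keeps dropped input visible instead of silently discarded.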





---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------





