Security Basics mailing list archives
RE: Open source log analyzer
From: Daniel Cid <danielcid () yahoo com br>
Date: Fri, 15 Jun 2007 15:13:02 -0300 (ART)
Hi Mohamed,

Splunk is not an open source log analysis tool. It is free for up to 500MB a day, but not open source. If you want _open source_ tools, you need to look at OSSEC[1], SEC[2], logwatch, etc.

1 - http://www.ossec.net
2 - http://www.estpak.ee/~risto/sec/

*Note that I am the developer of ossec, so my opinion "may be" biased.

From these open source tools, I would suggest ossec. It comes with lots of rules by default, is scalable, supports Windows logs, squid logs (same as netcache I guess), apache logs, etc...

Hope it helps.

--
Daniel B. Cid
dcid ( at ) ossec.net

--- Mohamed Farid <mfarid () mscc com eg> wrote:

Go for splunk : www.splunk.org

Mohamed Farid
Telecommunication & Security Department Manager
Mediterranean Smart Cards Company
92 Tahreer Street. Dokki / Cairo / Egypt
Website : www.mscc.com.eg
Email : mfarid () mscc com eg
Phone : +2 02 3331439/+2 02 3331400
Fax : +2 02 7621164
Mobile : +2 0122258350

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of sami seclist
Sent: Wednesday, May 09, 2007 2:02 AM
To: security-basics () securityfocus com
Subject: Open source log analyzer

Hi list,

I'm looking for an open source log collection and analysis solution for a netCache appliance. It would be based on syslog for collecting events, but I would like your advice for an open source log analyser. A search on tools section of securityfocus.com came with about 40 results !! Any advice or experience sharing with these tools would be welcome.

Thanks,
sami.