Security Incidents mailing list archives
Re: Log tools?
From: Pauline.van.Winsen () ESERV COM AU (Pauline van Winsen)
Date: Tue Jan 18 14:33:10 2000
hiya,

> Can anyone recommend me a good logging tool for *nix to monitor logs? I've flipped through some tools at securityfocus, but haven't really found anything I'm thrilled with.. is there a common one that most people are using?

i use logsurfer. it uses regex, is taught to ignore messages, rather than look out for particular messages, handles contexts - "i've seen XYZ message, i want to whinge, but i'll wait & see if ABC message arrives before i annoy you via SMS/pager/email/whatever". it looks at any text file, handles log files. & it's free - src available from: http://www.cert.dfn.de/eng/logsurf/

hope this helps,
pauline
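
The two ideas in the reply above (report everything that has not been taught as ignorable, and hold an alert open until a follow-up message has had time to arrive) are sketched below as an added example. It is not part of the original post and is not logsurfer's code or configuration syntax; the rule tables, the `surf` function and the sample log lines are all constructed for illustration.

```python
import re

# Constructed rules (hypothetical; this is not logsurfer's configuration format).
# Messages matching IGNORE are known-benign; anything else is reported.
IGNORE = [
    re.compile(r"CRON\[\d+\]: "),
    re.compile(r"sshd\[\d+\]: Accepted publickey"),
]
# Context rule: (opening regex, template for the cancelling regex, seconds to wait).
CONTEXTS = [(re.compile(r"link (\S+) down"), r"link {0} up", 60)]

def surf(lines):
    """lines: iterable of (epoch_seconds, message). Returns a list of alerts."""
    alerts, pending = [], []  # pending entries: [deadline, cancel_regex, message]
    for ts, msg in lines:
        # A context whose deadline passed without its follow-up becomes an alert.
        for p in [p for p in pending if p[0] <= ts]:
            pending.remove(p)
            alerts.append(("unresolved", p[2]))
        # The awaited follow-up arrived in time: drop the context silently.
        hit = next((p for p in pending if p[1].search(msg)), None)
        if hit:
            pending.remove(hit)
            continue
        if any(r.search(msg) for r in IGNORE):
            continue
        for opener, cancel_tpl, wait in CONTEXTS:
            m = opener.search(msg)
            if m:
                cancel = re.compile(cancel_tpl.format(*map(re.escape, m.groups())))
                pending.append([ts + wait, cancel, msg])
                break
        else:
            # Not ignored and not the start of a context: report it.
            alerts.append(("unknown", msg))
    # End of input: contexts still open are treated as unresolved.
    alerts += [("unresolved", p[2]) for p in pending]
    return alerts

# Constructed sample log lines.
SAMPLE = [
    (0, "CRON[211]: (root) CMD (run-parts /etc/cron.hourly)"),
    (5, "kernel: link eth0 down"),
    (20, "kernel: link eth0 up"),
    (30, "sshd[402]: Accepted publickey for ops from 192.0.2.10"),
    (40, "su[977]: FAILED su for root by guest"),
    (50, "kernel: link eth1 down"),
    (200, "CRON[300]: (root) CMD (true)"),
]
```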