On 06/08/2012 02:48 PM, Steven Tardy wrote: > simple-evcorr.sourceforge.net (sec.pl) > the rules are a bit of a bear to learn, but it can do anything. > 300 syslogs/second using ~5% cpu and 20MB of ram with 600+ rules. > > On 06/08/2012 04:26 PM, Nataraj wrote: >> I'm looking for a logfile scanner that can search for regular >> expressions in logfiles and send immediate email notifications. I'd >> like to try to find something that doesn't use huge amounts of memory. >> I'm currently running fail2ban and used it to do some of this scanning, >> but I'm finding that it can suck up memory and CPU resources when there >> is a lot of logging going on. >> >> I am aware of swatch, but most people say that it is pretty resource >> intensive as well. I came across logsurfer in google search and was >> wondering if anyone has experience with it or what other good >> alternatives might exist. >> >> While fancy features are nice, I'm willing to forgo them for lower >> resource consumption. >> >> Thanks, >> Nataraji > _______________________________________________ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos
Thank you. sec looks like a useful tool. I will try it. Nataraj _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
