I need help in using or finding a good log analyzer.
Logwatch is shipped with Red Hat 7.2, but I want to use it to analyze /var/log/kernel, /var/log/snort/*, /var/log/message[snort:]. But I can't find any scripts for snort for Logwatch. Logcheck is pretty good and fairly simple to configure but limited to /var/log/messages... I can't find any real HOWTO document for Logwatch or Swatch. Can someone tell me which log analyzer is a good one and where I can find a HOWTO to help configure it?

Thanks all.

Jerome Tytgat