I have a cenltralized repository usng rsyslogm and syslog to mirror /var/log/messages, /var/log/secure ,and information messages from cfengine. In the near future I hope to get auditd reporting to a central server. My immedate taks is to add some log analysis software on teh central server. I've started modifiying LogWatch to work with MySQL -- thats pretty straightforward -- but I'm curious what other solutions there may be out there. FOSS is preferred but a I'm not against a reasonably priced commercial product. So far everything Google has returned are commercial products for Windows sytems.
-- Stephen Carville _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog
