LogSurfer: http://www.cert.dfn.de/eng/logsurf/
Swatch: http://oit.ucsb.edu/~eta/swatch/
Regards
Muhammad Faisal Rauf Danka
Head of GemSEC / Chief Technology Officer
Gem Internet Services (Pvt) Ltd.
web: www.gem.net.pk
Key Id: 0x784B0202
Key Fingerprint: 6F8C EDCF 6C6E 06A5 48D7 6A20
Ben Corman said:
Hello Ben,
One that I highly recommend, and use in the same scenario as you - is
LogSentry, available from http://www.psionic.com/
Chip
I recently brought up a PIX firewall and have all the logs directed to
a Linux syslog server. I'm hoping you all can direct me towards a
Shell scripting for custom pattern searching in syslog messages and alerting via
mail/web etc, would do the job.
But I'd like you to check Lire from www.logreport.org
Basically it is a log analyser for various log formats and all, including PIX.
I hope it is of some help to you :)
Regards
Hi
Swatch and Logsurfer are both good products.
Try a Google search on them as I do not remember the URLs
Good luck
-Naveed
-Original Message-
From: Ben Corman [mailto:[EMAIL PROTECTED]]
Sent: Thursday, October 03, 2002 11:55 PM
To: [EMAIL PROTECTED]
Subject: Log Watcher For a PIX
I
On 03/10/02 14:24 -0400, Ben Corman wrote:
I recently brought up a PIX firewall and have all the logs directed to a
Linux syslog server. I'm hoping you all can direct me towards a good log
watcher / parser that will alert me to suspicious activity.
Well, you could go with syslog-ng and
SWATCH (simple watch). It's the best. Written in Perl.
RGdS!
G.
=
Patriotism is the virtue of the vicious, Oscar Wilde
-Original Message-
From: Ben Corman [mailto:[EMAIL PROTECTED]]
Sent: 03 October, 2002 08:25 PM
To: [EMAIL