Hello Matt,

There is an Australian product called Huntsman produced by Tier-3 that is primarily an Intrusion Detection System (IDS) but has a very flexible architecture that allows it to collect data from many data sources. If the product doesn't collect the logs you wish to collect out of the box, there is a collection API you can use to feed the logs into the system. By doing this you could consolidate your logs into a single point - the database used by the Huntsman's AI inference engine.
Their inference engine also provides an API that would allow you to customise your rules to let you know whenever an event of interest has occurred on your network. The inference engine is able to notify you through various methods such as SNMP traps, email, console messages, etc. The web-based graphical user interface also provides access to the collected data via searches and graphs.

Anyway, have a look at their website at http://www.tier-3.com

Hope that helps.

Karma

> ----- Original Message -----
> From: "Matt" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Wednesday, May 15, 2002 4:24 AM
> Subject: Log Help
>
> > Hi Everyone
> >
> > I was wondering if there were some suggestions on utilities to monitor logs
> > and if anyone has used them?
> >
> > I'm looking for an assistant to help me with my log reading. I know logs are
> > important and that if I don't read them I am setting myself up for trouble in
> > many ways, security-wise or otherwise. The problem I have is there are so darn
> > many of them, and being basically a lazy person I want to get the computer to
> > help me sort them all and monitor them all. I hate having to hunt down logs
> > scattered all over the place, and admittedly Linux is tons better than other
> > operating systems I have used, it's still a pain for me.
> >
> > Can I scan my logs for keywords and have the bot email me if it picks up
> > pre-designated phrases or code words? Can I have a bot take predetermined actions
> > based on log entries? I want to shift the burden a little bit onto the
> > computer and give me more time to think rather than react....
> >
> > Any help, thoughts, comments, suggestions are appreciated.
> >
> > Thanks
> >
> > Matt
