On Thu, Jun 06, 2002 at 05:37:53PM +0100, John Horne wrote: > We have a Sun Solaris system which logs syslog messages from our router > access control lists. Does anyone know if there is any software which will > perform syslog file analysis and/or some form of intruder detection? I use swatch on my Sun machines for this; you can just egrep and have swatch send an email, etc. It's a very simple program, but doesn't really do any kind of verbose reporting or anything.
http://www.oit.ucsb.edu/~eta/swatch/ -- [ rich henning ] /"\ [ [EMAIL PROTECTED] ] \ / X support the ascii ribbon campaign against html e-mail / \ pgp: http://diss0nance.lawngnome.org/pgp_public.txt
