Tier-3 Huntsman will do exactly what you wanted; you can also centralise all your logs into one database on a Solaris machine.
Take a look at www.tier-3.com

Good luck

----- Original Message -----
From: "Rich Henning" <[EMAIL PROTECTED]>
To: "John Horne" <[EMAIL PROTECTED]>
Cc: <>
Sent: Saturday, June 08, 2002 2:15 AM
Subject: Re: Solaris IDS/syslog analysis

> On Thu, Jun 06, 2002 at 05:37:53PM +0100, John Horne wrote:
> > We have a Sun Solaris system which logs syslog messages from our router
> > access control lists. Does anyone know if there is any software which will
> > perform syslog file analysis and/or some form of intruder detection?
>
> I use swatch on my Sun machines for this; you can just egrep and have
> swatch send an email, etc. It's a very simple program, but doesn't
> really do any kind of verbose reporting or anything.
>
> http://www.oit.ucsb.edu/~eta/swatch/
>
> --
> [ rich henning ]       /"\
> [ [EMAIL PROTECTED] ]  \ /
>                         X   support the ascii ribbon campaign against html e-mail
>                        / \
>
> pgp: http://diss0nance.lawngnome.org/pgp_public.txt
